mysqlcordovataffydb

Protect client side database like TaffyDB


I have to develop an application for smartphones using HTML/CSS/JS (for PhoneGap) and I have to store data somewhere.

After some research, I found TaffyDB (http://www.taffydb.com/) that exactly does the job except on one point : security.

I don't want someone to take all my data just by saving the JS file so is there a solution to protect it ? Or if I want to keep my data private, do I have to use an usual database (like MySQL) coupled with a PHP script that I call via Ajax ?

Thanks for the help.


Solution

  • TaffyDB can be used on Server-Side with a number of server-side solutions, but you will have to control the output on your application to include just the data.

    In general, unless you plan to use a javascript server-side solution, I would say you cannot make it "secure", and even if you use non sensitive data on your front-end, I would highly recommend you go through the OSWAP guide before writing any code to determine if it is secure or not.