Pretty new to web development so apologies for the probably obvious question.
I see everywhere that the frontend makes requests to the backend and not the client directly.
But let's say I have a react app, that runs on the browser of course, and it makes Ajax calls to the backend, so it's basically the client makes the call and not the frontend server which serves the index.html and whatnot.
Does that mean, from a security perspective, that I should permit access to both frontend and backend servers from clients?
Much thanks!
Aucun commentaire:
Enregistrer un commentaire