• 10
• 12
• 12
• 14
• 18

# Chrome console security

This topic is 382 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

## Recommended Posts

So I've been playing around with my site trying to send stuff to the server which isn't intended.  I noticed that Chrome console really lets you do what you want.  I can even redefine whole functions, glean into the inner-eds of my closures and then fire off stuff to the server that wasn't intended.   :unsure: However, I did notice that within a closure if a variable is not apart of the return function such as

var myfunction = (function (){
var a = 'ha!';
var b = 'boo!';

return function( x ){
console.log( b + ' ' + x );
};
};


Then 'a' is not actually retrievable by chrome console in any way shape or form.  is this true??

[EDIT]: please disregard this question.  I have learned that it is impossible to harden client script and prevent the client from sending malicious stuff to the server.  The objective is to harden the server.

Edited by Awoken