Meteor methods and security

After watching an episode of Josh Owens Meteor Club Q&A about security I picked up some tips from guest Pete Corey about meteor methods.

Did you know that calling Meteor.connection._methodHandlers from your console lists all available methods on the client? You can also see all your collection inserts, updates and removes from there.

A few things to consider if you write your methods in a shared location (for optimistic UI goodness):

comments powered by Disqus