This isn't quite true. With SSR apps you still have to support some form of a user modifying data (adding a like to a post or sending a comment) via POST or equivalent requests
It's in this act of giving the ability to the users that security is brought into question because then you have to start thinking about verifying the inputs and authentication and all that. SSR apps can't avoid ANY of this, they have to think about it as much as client rendered apps.
On the other hand, client rendered apps without any authentication or ability for users to modify anything gain the same benefit of "not having to think about security" anyway. So this benefit isn't tied to a rendering method, but to the content being rendered and potentially modified
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
This isn't quite true. With SSR apps you still have to support some form of a user modifying data (adding a like to a post or sending a comment) via POST or equivalent requests
It's in this act of giving the ability to the users that security is brought into question because then you have to start thinking about verifying the inputs and authentication and all that. SSR apps can't avoid ANY of this, they have to think about it as much as client rendered apps.
On the other hand, client rendered apps without any authentication or ability for users to modify anything gain the same benefit of "not having to think about security" anyway. So this benefit isn't tied to a rendering method, but to the content being rendered and potentially modified