I'm very new to CEF and I have a question as it relates to the security of the data/DOM of my CEF application.
Obviously when I create a web-app, any user can activate the developer tools of their browser and see much of the makeup of a web app. With CEF I see the sample app has a specific feature to enable remote debugging, but I'm wondering if that is specific to that app, or is that baked into CEF? Could someone find a way to connect to my app and get access to the internals, like the DOM structure. Also, is there any other way that the DOM could be exposed? I can see that if I distribute my JS externally then a user could hack/modify, but if everything is embedded, then I imagine it eliminates that potential threat. I also thought about HTTPS traffic getting captured (like Fiddler) but assume that as long as I encrypt any data that is sent out/received then I'm covered there. Just wondering how exposed my app would be, and what additional security issues I would have to deal with.
If there is a simple Wiki link that I haven't found yet that answers this that would be great as well. Thanks for reading!