Earlier today I tweeted:

A server dies every time someone implements OAuth in a single page is web-app. Stop the genocide! Use a server side proxy! Act now!— Alex Bilbie (@alexbilbie) November 11, 2014

This kicked off a discussion across Twitter, Github issues and email about why I have such strong opinions about this.

It's simple, security. You just can't keep things that should be secret safe in client side code.

Let's assume that you've just made a shiny Angular/Ember/whateve...