In our project we used knockoutJS Mapping plugin to map the MVC model using the following
var data = @Html.Raw(new System.Web.Script.Serialization.JavaScriptSerializer().Serialize(Model));
$(document).ready(function () {
viewmodelCO = new ViewModelCO(data);
ko.applyBindings(viewmodelCO, document.getElementById("divID"));
});
All things works perfectly OK, but my problem is the data security, when we use @Html.Raw is expose all the data and if someone right click on the page they can see the original Raw data .
How can we prevent this situation, I know one option is re-write the code and get the data using Ajax request but this is like another call to the server after the page load and that was the reason we start using the MVC model to Map the knockout object. Any suggestions ?