
Comments (6)

colinskow commented on June 23, 2024

CouchDB is designed to be exposed to end users. If you set up the security features correctly you have nothing to worry about. To access CouchDB with a browser, you will need to enable CORS.

I'm not sure if you have deeper reasons for using a reverse proxy, but it seems to me like a waste of server resources.

Definitely something about your implementation is screwing up the replication algorithm. The simplest solution is to not use a proxy.

from pouch-mirror.

colinskow commented on June 23, 2024

Join slack.pouchdb.com to communicate with myself and a lot of helpful people with CouchDB experience.


SukantGujar commented on June 23, 2024

Thanks Colin. One primary reason for using a proxy is to prevent the CORS exchanges, which are slow and repetitive. And to allow gzip compression. Then there's the need to have as few ports exposed as possible and also less important needs, like being able to have the backend replaceable in future. But frankly, I am hesitant to expose CouchDB unless I truly understand the security undertakings.


SukantGujar commented on June 23, 2024

After closer inspection, I found that the proxy code was not sending over the query string parameters to PouchDB. The following change fixed the issue:
req.pipe(request({ qs:req.query, uri: db_url })).pipe(res);


colinskow commented on June 23, 2024

The reverse proxy won't actually provide any additional security. Any attack that could be leveled against Couch will pass straight through the proxy unless you heavily filter the requests. It is much easier to study up on CouchDB security and do it right than to filter proxy requests.

The proxy will likely add lag to your requests, so you need to measure this against the benefits of GZIP. Not to mention as your app scales you will save a lot of money by not needing to scale the proxy servers.

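The two points raised in the comments above (a proxy that dropped the query string, and a proxy that only protects anything if it filters requests), shown as an added example that is not part of the thread or of pouch-mirror: a Node.js helper that decides whether a request may be forwarded and builds the upstream URL with the query string intact. The function name, the endpoint allowlist and the database name are assumptions to adapt to what your client actually calls.

```javascript
// Added example; every name here is hypothetical, not pouch-mirror or SuperLogin code.
// Assumed allowlist of database-level endpoints used by a replicating PouchDB client.
const DB_ENDPOINTS = new Map([
  ['_changes', ['GET', 'POST']],
  ['_revs_diff', ['POST']],
  ['_bulk_docs', ['POST']],
  ['_bulk_get', ['POST']],
  ['_all_docs', ['GET', 'POST']],
]);
const DOC_METHODS = ['GET', 'HEAD', 'PUT'];

function deny(reason) {
  return { allowed: false, reason };
}

// Decide whether to forward a request and, if so, build the upstream URL
// with path AND query string (the part the broken proxy was dropping).
function planUpstream(method, originalUrl, upstreamBase, dbName) {
  // Parsing against a dummy origin also collapses "../" path segments.
  const incoming = new URL(originalUrl, 'http://proxy.invalid');
  let segs;
  try {
    // Decode before checking so "%5Fsecurity" is judged as "_security".
    segs = incoming.pathname.split('/').filter(Boolean).map((s) => decodeURIComponent(s));
  } catch (e) {
    return deny('malformed percent-encoding');
  }
  if (segs.shift() !== dbName) return deny('outside the proxied database');

  let methods;
  if (segs.length === 0) {
    methods = ['GET', 'HEAD'];                       // database info
  } else if (segs[0] === '_local' && segs.length === 2) {
    methods = ['GET', 'PUT'];                        // replication checkpoints
  } else if (segs[0].startsWith('_')) {
    methods = segs.length === 1 ? DB_ENDPOINTS.get(segs[0]) : undefined;
  } else {
    methods = DOC_METHODS;                           // documents and attachments
  }
  if (!methods || !methods.includes(method)) return deny('endpoint or method not allowed');

  // Only the path and query of the incoming URL are reused, never its host.
  const target = new URL(incoming.pathname + incoming.search, upstreamBase);
  return { allowed: true, url: target.href };
}
```

In an Express handler the returned `url` would replace `db_url` in the piped request, and a denied plan would be answered with a 403 instead of being forwarded.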

SukantGujar commented on June 23, 2024

Your points are very valid, Colin. I think the right thing for me to do is to take metrics with both approaches. Thanks to Superlogin's publicURL concept, it's a one-line change for me to switch from public-facing CouchDB to a proxied one.
Another aspect here is that my application is not as chatty with the server. In fact around 80% of the time the interactions would be client side only. So the local PouchDB instance would be busy and occasionally the app would sync with the server.

from pouch-mirror.
