Limit HTTP access using CORS or secret key? #372
-
Is this possible? I saw on this answer on pocketbase: pocketbase/pocketbase#606 (comment) A secret key would be preferred so that I can limit access to my Pockethost instance via server-side requests. While it's super easy for prototyping, there's a non-negligible class of website projects that don't want to allow public access to their database. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 6 replies
-
Right, CORS is no good for that. You can accomplish a secret key using the PocketBase JS hooks custom middleware https://pocketbase.io/docs/js-routing/#custom-middlewares We are also considering adding an IP whitelisting feature, would that be useful for you? |
Beta Was this translation helpful? Give feedback.
Right, CORS is no good for that.
You can accomplish a secret key using the PocketBase JS hooks custom middleware https://pocketbase.io/docs/js-routing/#custom-middlewares
We are also considering adding an IP whitelisting feature, would that be useful for you?