Skip site navigation (1) Skip section navigation (2)

Re: javascript and postgres

From: John R Pierce <pierce(at)hogranch(dot)com>
To: 野村 <nomura(at)ir-alt(dot)co(dot)jp>
Cc: pgsql-general(at)postgresql(dot)org
Subject: Re: javascript and postgres
Date: 2009-02-24 17:06:37
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-general
野村 wrote:
> Web pages have username and password with basic, digest or ldap
> authorization. So if I createuser with same user and password, and if
> there is md5 or something to encode password, I wonder javascript
> connects to postgres securely.

for that to work, irregardless of security aspects, the postgres client
libraries would have to be installed on each web browser system, in a
form that javascript could invoke. However, I've not heard of any
javascript -> postgres bindings suitable for use in a webbrowser context...

Javascript in a webbrowser is running in a sort of sandbox and isn't
supposed to be allowed to make its own network connections, or call
system libraries directly, allowing this would be a gross security flaw
(for instance, a hostile web page could take over a users computer).

In response to

pgsql-general by date

Next:From: Jordi RomagosDate: 2009-02-24 17:07:07
Subject: Array to IN or UNION
Previous:From: Thom BrownDate: 2009-02-24 16:55:45
Subject: Warm standby failover mechanism

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group