-
Notifications
You must be signed in to change notification settings - Fork 297
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Query: Accessing CBL server from 3rd party application #1520
Comments
Do you have any update on these query, i want to know the behaviour of iOS. Thanks, |
You can use CouchbaseLite Listener to enable REST access. You can also setup users' credentials as well. See https://github.com/couchbase/couchbase-lite-ios/blob/master/Listener/CBLListener.h#L85. |
@pasin we are running the cordova based app with CouchbaseLite Listener running.. how secure is the iOS module? Pls confirm.. Android has below issue open: couchbase/couchbase-lite-java-listener#48 Thanks |
|
1)"bound to the process" meaning other Apps cant access it? Is there a server concept in iOS too? PCAP will have traces of http/custom url used? SSL is not needed? https://github.com/couchbase/couchbase-lite-ios/wiki/LiteServ-With-SSL 2)We do have cors issue in iOS 10, will share more info soon. Thanks |
@pasin your thoughts on above? |
@NitzDKoder Sorry, I missed your questions.
CBL iOS PhoneGap plugin doesn't start the listener (see the code here). It uses an internal custom URL (a subclass of NSURLProtocol) that allows the requests with the internal URL scheme to get handled directly. I don't think PCAP will have the traces. There are some good articles about NSURLProtocol such as here and here. So no SSL is needed. On the other hand, this means that with iOS PhoneGap plugin, you are not able to access to the local database via HTTP requests outside the app.
To use the local database from outside the app, you will need to spin a the listener object. I'm not sure how this will work in the real app as when the app goes into the background mode, there is a time limit by the OS for the tasks to be run. I'm not sure what is the CORS issue that you have. Can you describe about that more or open a new ticket. I saw @jamiltz submitted a PR related to CORS to add a CORS enabled flag to the LiteServ which utilizes the listener object. You can check that as well if it could solve the issue that you have. |
In iOS is it possible for 3rd party app to access CBL server using REST requests.(Knowing the db name and credentials)?
In Android, this security issue is reported in below link
couchbase/couchbase-lite-java-listener#48 (comment)
Does this issue is applicable for iOS also ?
Thanks,
Anil Kumar
The text was updated successfully, but these errors were encountered: