benzino77 / clamav-rest-api

ClamAV REST API. Scan files using simple POST request.
MIT License

Why forcing filenames to have APP_FORM_KEY name? #28

Open fl0ppy-d1sk opened 2 years ago

fl0ppy-d1sk commented 2 years ago

Hello @benzino77,

I was wondering if there is any specific reason to only scan files with APP_FORM_KEY name?

There is a use case of your project where we could use it to scan uploaded files to a web (HTTP) app. A reverse proxy can intercept the request and send it back to the CRA if there is at least one uploaded file. But then we need to edit the requests on the fly to replace filenames with APP_FORM_KEY (that will consume resources on the reverse proxy). A pragmatic way of doing it would be to copy (or even better stream) the client request directly to CRA.

Something like that should do the trick:

// Scan every uploaded file, whatever its form field name
for (const file in req.files) {
    ...
    const r = await scanFile(req.files[file], av);
    ...
}

Let me know what you think.
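
An added example, not part of the original issue or of the clamav-rest-api code base: the loop proposed above, extended so that a field carrying several files is scanned file by file and a scanner error counts as "not clean". It assumes `req.files` has the express-fileupload shape; `flattenUploads`, `scanAllFiles`, `fakeScan` and the result fields are hypothetical names.

```javascript
// Added example, not code from clamav-rest-api.
// Assumption: `files` has the express-fileupload shape, where each form
// field maps to one file object or to an array of them (the same field
// name sent several times). `scanFile` is a caller-supplied stand-in with
// a hypothetical contract: it resolves to { isInfected, viruses }.

// Flatten { field: file | [file, ...] } into [{ field, file }, ...].
function flattenUploads(files) {
  const out = [];
  for (const [field, value] of Object.entries(files || {})) {
    for (const file of Array.isArray(value) ? value : [value]) {
      out.push({ field, file });
    }
  }
  return out;
}

// Scan every uploaded file whatever its form field name. Fails closed:
// a scanner error marks the file as not clean instead of letting it pass.
async function scanAllFiles(files, scanFile) {
  const results = [];
  for (const { field, file } of flattenUploads(files)) {
    const entry = { field, name: file.name, clean: false, viruses: [] };
    try {
      const r = await scanFile(file);
      entry.clean = r.isInfected === false;
      entry.viruses = r.viruses || [];
    } catch (err) {
      entry.error = err.message;
    }
    results.push(entry);
  }
  return { clean: results.every((r) => r.clean), results };
}

// Constructed sample input: three field names, one of them repeated.
const sampleFiles = {
  avatar: { name: 'me.png', data: Buffer.from('png-bytes') },
  docs: [{ name: 'a.pdf', data: Buffer.from('pdf-bytes') },
         { name: 'b.pdf', data: Buffer.from('FAKE-SIGNATURE') }],
  broken: { name: 'c.bin', data: null },
};

// Constructed fake scanner; a real one would hand file.data to clamd.
async function fakeScan(file) {
  if (file.data === null) throw new Error('scanner unavailable');
  const hit = file.data.toString().includes('FAKE-SIGNATURE');
  return { isInfected: hit, viruses: hit ? ['Constructed.Test.Sig'] : [] };
}

scanAllFiles(sampleFiles, fakeScan).then((s) => console.log(JSON.stringify(s)));
```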

benzino77 commented 2 years ago

Well, to tell the truth I can't remember what the reason was... ;) Make a PR with that change so we can work on it together.

Using a reverse proxy in front of CRA is rather a better idea than direct requests. You will probably have more than one instance of CRA in your production environment, so you will need a balancer in front of it (in k8s you will have a deployment with many replicas, a service "above" it and an ingress at the highest level) anyway.