sosedoff / pgweb

Cross-platform client for PostgreSQL databases
https://sosedoff.github.io/pgweb
MIT License
8.53k stars 724 forks

Add support httpS for localhost (increased security) #663

Closed OmlineEditor closed 1 year ago

OmlineEditor commented 1 year ago

By default, the program listens to the address and port http://localhost:8081/

On the computer, someone can intercept neighboring ones because it is not encrypted. A sniffer can simply intercept the connection between your program and the browser. Please add the ability to encrypt the connection via a self-signed certificate for localhost: httpS://localhost:8082/

sosedoff commented 1 year ago

IMO, if you're concerned about a sniffer on your development machine, then you have a whole new set of problems. What is your use case?

You can always run pgweb on the localhost interface so that no one else on the network can access the endpoint. I would probably want to avoid adding self-certs into pgweb, as it's easier to achieve the same result by using nginx/caddy.

OmlineEditor commented 1 year ago

Do you have instructions on how to do this using nginx/caddy? I'm a beginner and I don't quite understand how to do it.

sosedoff commented 1 year ago

RE Caddy - they have pretty good documentation, see https://caddyserver.com/docs/quick-starts/https. I'll close this since we're not adding any HTTPS support into pgweb itself, but I'll try to create a few examples in the wiki when I get a chance.
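
The reverse-proxy setup discussed in this thread, written out as a Caddyfile. This is an added example, not part of the original comments and not taken from the pgweb wiki. It assumes Caddy v2 is installed and reuses the ports mentioned above (pgweb on 8081, HTTPS on 8082).

```caddyfile
# Assumption: pgweb is started bound to loopback only, for example:
#   pgweb --bind=127.0.0.1 --listen=8081

localhost:8082 {
	# Accept connections on the loopback interface only, so the
	# HTTPS endpoint is not reachable from other hosts on the network.
	bind 127.0.0.1

	# Use a certificate issued by Caddy's local CA rather than a
	# public ACME CA (a public CA cannot issue for "localhost").
	tls internal

	# Forward the decrypted requests to pgweb. This hop is plain HTTP,
	# but it never leaves the loopback interface.
	reverse_proxy 127.0.0.1:8081
}
```

Start it with `caddy run` from the directory holding this file, then browse to https://localhost:8082/. Browsers accept the certificate once Caddy's local root CA is in the system trust store (`caddy trust`).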