search

veliovgroup / ostrio-Neo4jreactivity

Meteor.js Neo4j database reactivity layer
https://atmospherejs.com/ostrio/neo4jreactivity
BSD 3-Clause "New" or "Revised" License
51 stars 5 forks source link

Access to database is not hidden on the client #67

Closed akaiworld closed 8 years ago

akaiworld commented 8 years ago

When i open my app in the browser i can easilly find the link with login & password to my graphene database in files on the client.

So anyone can get access to my DB! How to hide my Meteor.neo4j.connectionURL = '...'; line from clients?

dr-dimitru commented 8 years ago

Wrap it into if (Meteor.isServer) { /* set connectionURL here */ };

akaiworld commented 8 years ago

Ok, the problem was that i left the same string commented on the client. When removed, the line disappeared on the clients files.