Not the author of the post, but I guess the author meant that using JavaScript t... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

pulse7 on Nov 30, 2021 | parent | context | favorite | on: PostgREST 9.0

Not the author of the post, but I guess the author meant that using JavaScript to communicate directly with PostgreSQL database over PostgREST is "architectural code smell": in this case database can easily be hacked and everybody could write to/remove anything from such an unprotected database...

afavour on Nov 30, 2021 | [–]

But Postgres has row level security, so the OP would be wrong in that case.

TranquilMarmot on Nov 30, 2021 | | [–]

Who said anything about JavaScript? It's REST so you can hit it with any language, right?

jokethrowaway on Nov 30, 2021 | [–]

Not if you setup permissions properly

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact