🥇Features

Security Features

  • Authentication can be configured

    • on the client, either using HTTP Basic Authentication or specifying the credentials in the request;

    • on the server, either by specifying credentials (also with hashed passwords) or providing a query to look them up in the db itself;

  • A database can be opened in read-only mode (only queries will be allowed);

  • It's possible to enforce using only stored statements, to avoid some forms of SQL injection and receiving SQL from the client altogether;

  • CORS Allowed Origin can be configured and enforced;

  • It's possible to bind to a network interface, to limit access.

Some design choices:

  • Very thin layer over SQLite. Errors and type translation, for example, are those provided by the SQLite driver;

  • Doesn't include HTTPS, as this can be done easily (and much more securely) with a reverse proxy;

  • Doesn't support SQLite extensions, to improve portability.

Last updated