browser-nano
Browser build of the nano driver for CouchDB. A direct nano build with browserify yields a 1MB+ file after minification; browser-nano offers a 125KB version (77KB for light).
Available with npm and bower
npm install browser-nano
bower install browser-nano
browser-nano's version corresponds to nano's version (in alpha for the moment).
dist/browser-nano.full.js
dist/browser-nano.full.min.js
dist/browser-nano.light.js
dist/browser-nano.light.min.js
light doesn't support the follow and followUpdates methods, but offers a 100KB size decrease in return.
Refer to the original nano documentation.
To include browser-nano in your web page, add the following tag:
<script src="browser-nano.light.min.js"></script>
This will populate the global scope with a nano variable.
Unlike the Node.js nano version, in the browser we often deal with cross-domain, cross-port, cross-protocol requests. To enable CORS:
var couch = nano({
  url: 'http://api.host.tld',
  cors: true
});
This tells browser-nano to attach credential headers (CouchDB's AuthSession cookie) to each request.
Note: CORS and cookie authentication must be enabled in the CouchDB config:
[couch_httpd_auth]
allow_persistent_cookies = true
require_valid_user = true
[httpd]
enable_cors = true
[cors]
credentials = true
origins = *
To perform requests with basic auth information:
var couch = nano('http://username:password@api.host.tld');
or
var couch = nano({url: 'http://username:password@api.host.tld'});
CouchDB with basic auth and session cookies enabled has a peculiarity: it requires a valid user (basic auth headers) when accessing the session endpoint, which is what actually initiates a new session for the name and password fields you post.
In other words, you must provide basic auth headers in order to post the auth information (form fields) that gets you a session cookie.
On the server side, the situation can be handled with:
var request = require('request');
var login = 'login', password = 'password'; // CouchDB user credentials
// basic auth in the URL satisfies require_valid_user; the form body starts the session
request.post('http://' + login + ':' + password + '@api.host.tld/_session', {form: {
  name: login,
  password: password
}}, function (err, response) {
  // parse AuthSession cookie from response.headers['set-cookie']
});
But it can't be handled from the browser if the session endpoint is cross-origin to your current location, because the OPTIONS preflight request doesn't pass any credentials for security reasons.
The workaround is to proxy the session endpoint request from the server side using the technique above and pass the parsed cookie down to the browser. Just don't forget to toss in an Access-Control-Allow-Credentials: true header along with Set-Cookie: AuthSession=... for the cookie you've got.
When using CouchDB over HTTPS with a self-signed certificate, you need to accept the certificate manually first. This can be done by opening CouchDB's web admin console on the HTTPS port in the browser. Otherwise you will get 'Invalid certificate error', 'NET::ERR_CERT_INVALID' or something similar, depending on the browser.