I asked a similar question on the nextcloud app form, but I haven't really gotten a response. Not sure if this is a different group here or not, but I thought I'd ask here too just in case.
Basically how does one prevent a user from going directly to the draw.io url via the proxy? Basically if I want to integrate draw.io in my nextcloud instance, I don't want my draw.io docker instance directly exposed so just any user can use it if they figure out the hostname/url for it. Please let me know any thoughts anyone may have on the subject. I feel like this would probably help with the security of a lot of apps that rely on an apache proxy to expose a backend.
The goal is to ensure only Nextcloud authenticated users can use my draw.io instance.
I asked a similar question on the nextcloud app form, but I haven't really gotten a response. Not sure if this is a different group here or not, but I thought I'd ask here too just in case.
Basically how does one prevent a user from going directly to the draw.io url via the proxy? Basically if I want to integrate draw.io in my nextcloud instance, I don't want my draw.io docker instance directly exposed so just any user can use it if they figure out the hostname/url for it. Please let me know any thoughts anyone may have on the subject. I feel like this would probably help with the security of a lot of apps that rely on an apache proxy to expose a backend.
The goal is to ensure only Nextcloud authenticated users can use my draw.io instance.