I'm trying to configure my custom JDBC connection to be as safe as
practical.
Years gone by, I would simply check if the URL (configured-property) had
"localhost" in it, and do nothing. Recently I decided I'd check for
localhost AND see if any "ssl" was explicitly already set in the URL.
If not, I tried adding ssl=true as a connection param. This fails when
using a postgresql docker container, because they typically are not
configured for SSL, but the hostname is also not "localhost".
Besides changing my logic to add "sslmode=prefer" (instead of "true",
which may be the default anyway), does anyone have a good way to
determine if the JDBC URL is actually a docker container running on the
same host?
Currently running v16.x, but these modes haven't changed in a long time,
so I suppose this question applies across currently supported versions.
Thanks in advance,
AJ
