NOTE: Flexmonster Data Compressor is not used to connect to SQL databases anymore since it is considered deprecated, so the approach described below is not relevant.
The primary aspect of data security focuses on how data is transferred from the database to Flexmonster Pivot. Your back-end application directly communicates with the database which allows you to completely restrict external access to the database. Flexmonster Data Compressor is embedded into this back-end application and allows you to fetch the data from the database. The response may be available at some URL or saved to a file. In both cases, Flexmonster Pivot requests the data from the back-end application instead of establishing a direct connection to the database. The flowchart below illustrates the process:
Due to the same-origin policy, the browser only allows requests that come from the same origin. Сross-origin resource sharing (CORS) allows web applications to make cross-domain requests. The requirement to enable CORS is not imposed by Flexmonster, but by the browser. Visit enable-cors.org to find out how to setup CORS on different types of servers.