couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Couchdb Wiki] Update of "CORS" by DaveCottlehuber
Date Mon, 05 Nov 2012 12:39:03 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Couchdb Wiki" for change notification.

The "CORS" page has been changed by DaveCottlehuber:
http://wiki.apache.org/couchdb/CORS?action=diff&rev1=3&rev2=4

Comment:
noted TODOs

  
  == CORS References ==
  
-  * [[http://www.w3.org/TR/cors/]]
+  * [[http://www.w3.org/TR/cors/]] CORS standard
+  * [[http://tools.ietf.org/html/rfc6454]] Definition of Origin
   * [[http://hacks.mozilla.org/2009/07/cross-site-xmlhttprequest-with-cors/]]
   * [[https://developer.mozilla.org/En/HTTP_access_control]]
   * [[https://developer.mozilla.org/En/Server-Side_Access_Control]]
@@ -53, +54 @@

  
  == Tightening Access ==
  
- To configure defaults cors settings you need to create the [cors] section in the local.ini
file:
+ === Restricting by Protocol, Host and optional Port ===
  
  {{{
  [cors]
+ ; List of origins, separated by a comma (protocol, host, port)
+ ; refer to http://tools.ietf.org/html/rfc6454 for specification
+ origins = http://home.muse.net.nz:8000, https://localhost, http://www.number10.gov.uk:80
- credentials = false
- ;;; List of origins separated by a comma
- ; origins =
- ;;; List of accepted headers separated by a comma
- ; headers =
- ; List of accepted methods
- ; methods =
  }}}
  
+ === Restricting Accepted Methods ===
+ 
+ {{{
+ [cors]
+ ; List of accepted methods, comma-separated
+ ; refer to http://tools.ietf.org/html/rfc2616, rfc2817, rfc5789
+ methods = GET, POST, PUT, DELETE
+ }}}
+ 
+ === Restricting Accepted Headers ===
+ 
+ {{{
+ [cors]
+ ; List of accepted headers separated by a comma
+ headers = TODO
+ }}}
+ 
+ == Securing at the VHOST level ==
+ 
+ TODO
+ 
  To set the options for a vhost, you will need to create a section with the vhost name prefixed
by "cors:" . Ex for the vhost example.com:
- 
  
  {{{
  ; Configuration for a vhost
@@ -81, +98 @@

  ; methods =
  }}}
  
+ == Credentials ==
+ 
+ TODO
+ 

Mime
View raw message