couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From d..@apache.org
Subject [24/50] [abbrv] couchdb commit: updated refs/heads/1.6.x to d2ac597
Date Tue, 01 Apr 2014 17:42:06 GMT
Configurable upper bound to _uuids count parameter


Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/0fb5aa9e
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/0fb5aa9e
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/0fb5aa9e

Branch: refs/heads/1.6.x
Commit: 0fb5aa9e67bd291ca2638dba961f4ddd3f6ccb3e
Parents: 198bea3
Author: Robert Newson <rnewson@apache.org>
Authored: Tue Mar 25 15:02:50 2014 +0000
Committer: Robert Newson <rnewson@apache.org>
Committed: Tue Mar 25 16:16:18 2014 +0000

----------------------------------------------------------------------
 etc/couchdb/default.ini.tpl.in            | 2 ++
 share/www/script/test/uuids.js            | 4 ++++
 src/couchdb/couch_httpd_misc_handlers.erl | 5 +++++
 3 files changed, 11 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb/blob/0fb5aa9e/etc/couchdb/default.ini.tpl.in
----------------------------------------------------------------------
diff --git a/etc/couchdb/default.ini.tpl.in b/etc/couchdb/default.ini.tpl.in
index fd953c2..32537e0 100644
--- a/etc/couchdb/default.ini.tpl.in
+++ b/etc/couchdb/default.ini.tpl.in
@@ -217,6 +217,8 @@ algorithm = sequential
 ; The utc_id_suffix value will be appended to uuids generated by the utc_id algorithm.
 ; Replicating instances should have unique utc_id_suffix values to ensure uniqueness of utc_id
ids.
 utc_id_suffix =
+# Maximum number of UUIDs retrievable from /_uuids in a single request
+max_count = 1000
 
 [stats]
 ; rate is in milliseconds

http://git-wip-us.apache.org/repos/asf/couchdb/blob/0fb5aa9e/share/www/script/test/uuids.js
----------------------------------------------------------------------
diff --git a/share/www/script/test/uuids.js b/share/www/script/test/uuids.js
index 6f5d223..0f141a9 100644
--- a/share/www/script/test/uuids.js
+++ b/share/www/script/test/uuids.js
@@ -80,6 +80,10 @@ couchTests.uuids = function(debug) {
     }
   };
 
+  // test max_uuid_count
+  var xhr = CouchDB.request("GET", "/_uuids?count=1001");
+  TEquals(401, xhr.status, "should error when count > max_count");
+
   run_on_modified_server([{
       "section": "uuids",
       "key": "algorithm",

http://git-wip-us.apache.org/repos/asf/couchdb/blob/0fb5aa9e/src/couchdb/couch_httpd_misc_handlers.erl
----------------------------------------------------------------------
diff --git a/src/couchdb/couch_httpd_misc_handlers.erl b/src/couchdb/couch_httpd_misc_handlers.erl
index 96a05c6..67e3a12 100644
--- a/src/couchdb/couch_httpd_misc_handlers.erl
+++ b/src/couchdb/couch_httpd_misc_handlers.erl
@@ -105,7 +105,12 @@ handle_restart_req(Req) ->
 
 
 handle_uuids_req(#httpd{method='GET'}=Req) ->
+    Max = list_to_integer(couch_config:get("uuids","max","1000")),
     Count = list_to_integer(couch_httpd:qs_value(Req, "count", "1")),
+    case Count > Max of
+        true -> throw({forbidden, <<"count parameter too large">>});
+        false -> ok
+    end,
     UUIDs = [couch_uuids:new() || _ <- lists:seq(1, Count)],
     Etag = couch_httpd:make_etag(UUIDs),
     couch_httpd:etag_respond(Req, Etag, fun() ->


Mime
View raw message