From dev-return-9133-apmail-couchdb-dev-archive=couchdb.apache.org@couchdb.apache.org Mon Mar 15 17:23:29 2010 Return-Path: Delivered-To: apmail-couchdb-dev-archive@www.apache.org Received: (qmail 76925 invoked from network); 15 Mar 2010 17:23:29 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 15 Mar 2010 17:23:29 -0000 Received: (qmail 84699 invoked by uid 500); 15 Mar 2010 17:22:42 -0000 Delivered-To: apmail-couchdb-dev-archive@couchdb.apache.org Received: (qmail 84657 invoked by uid 500); 15 Mar 2010 17:22:41 -0000 Mailing-List: contact dev-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@couchdb.apache.org Delivered-To: mailing list dev@couchdb.apache.org Received: (qmail 84649 invoked by uid 99); 15 Mar 2010 17:22:41 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 15 Mar 2010 17:22:41 +0000 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests=FREEMAIL_FROM,SPF_PASS,T_TO_NO_BRKTS_FREEMAIL X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of paul.joseph.davis@gmail.com designates 209.85.160.180 as permitted sender) Received: from [209.85.160.180] (HELO mail-gy0-f180.google.com) (209.85.160.180) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 15 Mar 2010 17:22:34 +0000 Received: by gyc15 with SMTP id 15so1522782gyc.11 for ; Mon, 15 Mar 2010 10:22:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :from:date:message-id:subject:to:content-type; bh=kvKEsdxWdm/o2r+Vd/8Y23sORokhZhxXunnwBZ0qxJE=; b=QmHKP5ZlvqLhU2uuertrbxCRlzoalZA+RAaOzwZ5YNjjpLMKiawW/IPiN1J5uD53wS nwQSDgeZKwJlEnr3HRuO1pIyT98FqLU7m5D154dWIp4clAkl8+Dw5lk4hudFKbeMXdBJ UZZPqEUodfKcStFuWIJfyP/FLuxk8zwG8pxis= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type; b=HcsGaHD14s7RJ8+1n9ii2SrKoOeGm0Klb4sKgBxTdXcw8XQI1b0dvrgwZyspksMGhx SqJJpFpYrmfc/sBEuqaWUvdPHzSxS/zAJJY5ug9q5eor0FpajFoLX2NjDbP2nJCEmrea URubsjvAJF9YsA0OIp51/NS6YftT0EZo9emhs= MIME-Version: 1.0 Received: by 10.101.205.26 with SMTP id h26mr8839065anq.170.1268673733312; Mon, 15 Mar 2010 10:22:13 -0700 (PDT) In-Reply-To: <4331FFCF-B1D1-4A14-8F23-F68D0401B382@apache.org> References: <4331FFCF-B1D1-4A14-8F23-F68D0401B382@apache.org> From: Paul Davis Date: Mon, 15 Mar 2010 13:21:53 -0400 Message-ID: Subject: Re: default vhost config option To: dev@couchdb.apache.org Content-Type: text/plain; charset=ISO-8859-1 X-Virus-Checked: Checked by ClamAV on apache.org > Apache CouchDB discussions must happen on a mailing list. Hence, this thread. XD [11:25] mmmm [11:26] about Host header and vhost [11:26] couldn't we simply forbid messages without Host ? [11:26] benoitc: sounds like a config option [11:26] yup [11:27] that would solve the need of a proxy for some uses I guess [11:27] with a default virtualhost to nothing [11:28] (or an info page) [11:28] Oh, maybe that's a better config options, "defualt_vhost" like most web servers use [11:28] yes right [11:30] mmm i could implement that anything against ? [11:32] Sounds like a question for dev@ I don't think this discussion should have anything to do with security. A rewrite/vhost configuration is not a substitute for a proper security system. HTH, Paul