couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Kowalski (JIRA)" <>
Subject [jira] [Resolved] (COUCHDB-2469) Unauthorized access via apache reverse proxy drops path component
Date Wed, 10 Dec 2014 11:12:13 GMT


Robert Kowalski resolved COUCHDB-2469.
    Resolution: Fixed
      Assignee: Robert Kowalski

Hi Adrian,

the first error from the JavaScript console is not related to the problem. (the prototype

Regarding the path to _session: the new Fauxton Webinterface posts directly to the _session
endpoint at _session (see and not /db/_session.

I am not an expert in Apache rules but I think you have to add a rule or modify the existing
one. (probably remove the "db/") so we can reach /_session at ""

If you want to definitely use /db/ as the root for Fauxton you can play with the app.root
and in
and create and deploy a custom Fauxton build.

See also

> Unauthorized access via apache reverse proxy drops path component
> -----------------------------------------------------------------
>                 Key: COUCHDB-2469
>                 URL:
>             Project: CouchDB
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: Fauxton, HTTP Interface
>            Reporter: Adrian Aichner
>            Assignee: Robert Kowalski
> I use this apache reverse proxy setting
>         ProxyPass /db/ nocanon
>         ProxyPassReverse /db/
> because I was not able to get firefox https access to work with self-signed certificate
on port 6984.
> While futon handles this fine, redirecting me to
> https://my.server/db/_session
> for auth, fauxton drops the /db/ components, gets 404 on
> https://my.server/_session
> with no way to recover from #noAccess:
> GET https://my.server/db/_utils/fauxton/js/require.js [HTTP/1.1 200 OK 5734ms]
> mutating the [[Prototype]] of an object will cause your code to run very slowly; instead
create the object with the correct initial [[Prototype]] value using Object.create require.js:12:31617
> GET https://my.server/_session [HTTP/1.1 404 Not Found 31ms]

This message was sent by Atlassian JIRA

View raw message