couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paweł Stawicki <>
Subject Re: Common security pattern?
Date Sun, 03 Jan 2010 17:42:56 GMT
On Sun, Jan 3, 2010 at 17:52, Sean Hess <> wrote:
> I'm brand new at this, so I don't know the common way to solve this,
> but I was thinking it should be possible to put it behind nginx or
> apache, and simply return a 503 code if they tried to hit your
> database url instead of a document.

Yes, that's some solution, but what with deleting documents?

> If that doesn't work, you could always put a thin middleware layer in
> front of couch that did nothing but security. (You can get webservers
> to give you the intended URL as a variable)

And yes, this seems to be good solution. This way I can let user
delete, but limit the deletes. This is what I want.

But anyway, I am interested how this issue is usually solved, what is
common pattern.

Paweł Stawicki

View raw message