couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Catherine Jones <cathj...@gmail.com>
Subject granting read-only access to anonymous users
Date Thu, 22 Jul 2010 21:47:54 GMT
I have a couch database (with an admin and and an admin password
defined) that's sitting behind an nginx proxy. The ngin proxy routes
traffic between http://127.0.0.1:5984 on my VPS and the public address
of http://my_domain_name/subdirectory_name. I want anonymous visitors to
my website to be able to read from the database but not write to it. 

While I can include validation functions in my design documents, this
doesn't, as far as I can tell, prevent an anonymous person from sending
a request like:

curl -X PUT http://my_domain_name/subdirectory_name/my_database_name/
                   "some_new_doc_id" -d @some_json_file

and thus writing a new document to the database. I can use an obscure
name for the database, of course, but isn't there some better way? Am I
missing something here?  Thanks...

Catherine




Mime
View raw message