couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Catherine Jones <>
Subject granting read-only access to anonymous users
Date Thu, 22 Jul 2010 21:47:54 GMT
I have a couch database (with an admin and and an admin password
defined) that's sitting behind an nginx proxy. The ngin proxy routes
traffic between on my VPS and the public address
of http://my_domain_name/subdirectory_name. I want anonymous visitors to
my website to be able to read from the database but not write to it. 

While I can include validation functions in my design documents, this
doesn't, as far as I can tell, prevent an anonymous person from sending
a request like:

curl -X PUT http://my_domain_name/subdirectory_name/my_database_name/
                   "some_new_doc_id" -d @some_json_file

and thus writing a new document to the database. I can use an obscure
name for the database, of course, but isn't there some better way? Am I
missing something here?  Thanks...


View raw message