couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tracy Flynn <couc...@thisonejustforme.com>
Subject Re: JavaScript and CouchDB
Date Sat, 16 Oct 2010 00:11:30 GMT
Does 'disable by default' mean it's disabled in the default configuration but could be turned
on if the configuration/compilation option is known? Or that it's simply not available?

If it's truly disabled, then the only solution I can see is to introduce a proxy that allows
a JSON Post (with appropriate security) and then turn around and do the appropriate operations
on CouchDB using permitted HTTP operations.

I'm thinking my way around an associated issue. Some of the feeds I'm supporting with CouchDB
are paid, some are public. The only way I've so far figured out to protect the 'for pay' feeds
and provide metering is to introduce a proxy in front of CouchDB to perform those functions.


On Oct 15, 2010, at 8:01 PM, Mikeal Rogers wrote:

> This is standardized as JSONP which we disable by default because of
> security implications. This only works for GET, doesn't work for PUT.
> 
> On Fri, Oct 15, 2010 at 4:58 PM, Tracy Flynn
> <couchdb@thisonejustforme.com>wrote:
> 
>> Fabio
>> 
>> You might consider the work-around offered by jQuery 1.4.x to the
>> same-origin problem.
>> 
>> In a nutshell, they package all Ajax-like requests as a request for a
>> resource - think image or javascript file - which does NOT have the
>> limitations of the same-origin policy - and then 'unpack' the result and
>> make it available to the client as if the 'Ajax-like' request had been
>> issued directly.
>> 
>> 
>> A fragment like the following does the trick
>> 
>> 
>> <html>
>> 
>> <head>
>>   <title>JSON Call Test Page</title>
>>   <script type="text/javascript" src="
>> http://localhost:8080/javascripts/jquery-1.4.2.min.js"></script>
>>   <script type="text/javascript" src="
>> http://localhost:8080/javascripts/json2.min.js"></script>
>> </head>
>> <body>
>> 
>> <script type="text/javascript">
>>    $(document).ready(function() {
>>        $.getJSON("http://localhost:8080/some.js" ,
>>            function(json){
>>                $("#somelement").html(json.some_variable_containing_html);
>>                $("#somelement").show();
>>            }
>>        )
>>    });
>> 
>> </script>
>> </body>
>> </html>
>> 
>> 
>> The call that services the 'some.js' request just needs to return whatever
>> JSON data you want the call to return. Since it's requesting a resource, and
>> not really making an Ajax call - all is well.
>> 
>> If HTML isn't what you want, you could pass back Javascript embedded in a
>> JSON structure, and then evaluate the result. I've done that successfully
>> too.
>> 
>> Works like a charm where I've used the facility.
>> 
>> Tracy
>> 
>> 
>> On Oct 15, 2010, at 2:41 PM, Paul Davis wrote:
>> 
>>> You'll need to read up on the Same Origin Policy:
>>> 
>>> http://en.wikipedia.org/wiki/Same_origin_policy
>>> 
>>> 
>>> On Fri, Oct 15, 2010 at 2:34 PM, Fabio Batalha C Santos Santos
>>> <fabiobcs@yahoo.com.br> wrote:
>>>> Hello everybody,
>>>> 
>>>> I'm newby in couchDB.
>>>> 
>>>> 
>>>> I'm trying to develop a "Google Analytics" like applications storing
>> access log
>>>> metadata in a CouchDB database. Take a look at
>>>> http://github.com/fabiobatalha/Analytics---CouchDB/tree/master/logger/
>>>> 
>>>> The idea is:
>>>> 
>>>> Create a logger JavaScript that will be responsible to register all
>> accesslog
>>>> metadata in a CouchDB database. It works like the ga.js Google Anaytics.
>> In the
>>>> bottom of each page will hava a call to a JavaScript function that will
>> make use
>>>> of couch.js functions to register logaccess metadata in CouchDB
>>>> 
>>>> The problem:
>>>> 
>>>> I'm trying to make use of the couch.js script but the couch.js on works
>> if the
>>>> request is made from the same host and port were the CouchDB is
>> installed.
>>>> Instead of it, my application is in a different host. How can I
>> configure the
>>>> connection to the couchDB using the couch.js
>>>> 
>>>> 
>>>> Thanks in advance.
>>>> Fabio Batalha
>>>> 
>>>> 
>>>> 
>>>> 
>> 
>> 


Mime
View raw message