Return-Path: Delivered-To: apmail-couchdb-user-archive@www.apache.org Received: (qmail 69259 invoked from network); 9 Nov 2010 22:09:35 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 9 Nov 2010 22:09:35 -0000 Received: (qmail 37396 invoked by uid 500); 9 Nov 2010 22:10:04 -0000 Delivered-To: apmail-couchdb-user-archive@couchdb.apache.org Received: (qmail 37326 invoked by uid 500); 9 Nov 2010 22:10:03 -0000 Mailing-List: contact user-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@couchdb.apache.org Delivered-To: mailing list user@couchdb.apache.org Received: (qmail 37318 invoked by uid 99); 9 Nov 2010 22:10:03 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 09 Nov 2010 22:10:03 +0000 X-ASF-Spam-Status: No, hits=3.6 required=10.0 tests=FREEMAIL_FROM,FS_REPLICA,RCVD_IN_DNSWL_NONE,SPF_PASS,T_TO_NO_BRKTS_FREEMAIL X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of randall.leeds@gmail.com designates 209.85.161.52 as permitted sender) Received: from [209.85.161.52] (HELO mail-fx0-f52.google.com) (209.85.161.52) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 09 Nov 2010 22:09:57 +0000 Received: by fxm8 with SMTP id 8so1462425fxm.11 for ; Tue, 09 Nov 2010 14:09:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type; bh=adJ1pNaHtgQpb8DJuIZylR/O8/ssnP29Y4V29YLCSvk=; b=xr4jJagRIjeW20JvVrsUictX7P40pJNUDpbeuxBHFH1FX1MLJLY1NdIZB+NKWu1SDX Grw2vLh2VQMeT0C9KXvErMVD88cZpJsXAb7CAg60EfuI5ujHkkQGcl9WtvApIAgDVVoP wkQZ4oVja3EYjqjp5P/R3oNqWFs9AyDQWa310= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=XLGYGdsEMGj8+FUQEqbYm05G3VgwT1sZ1ORAT8o/MbH7dPGdwchYr/sP6MjU3eruc/ kWW4iTgCQC/OqY+L/haJ5gP5Vrk9Kl93cVnJkFGZB1OO0Q4Zhv8N2PV1XPKqF1TKeDpk qFTpqmdqUcMNgRl+pv3oa1ZuuQg6DAfbEN7Is= MIME-Version: 1.0 Received: by 10.223.121.4 with SMTP id f4mr1869270far.71.1289340575941; Tue, 09 Nov 2010 14:09:35 -0800 (PST) Received: by 10.223.79.13 with HTTP; Tue, 9 Nov 2010 14:09:35 -0800 (PST) In-Reply-To: References: Date: Tue, 9 Nov 2010 14:09:35 -0800 Message-ID: Subject: Re: Can I prevent replication of design documents? From: Randall Leeds To: user@couchdb.apache.org Content-Type: text/plain; charset=UTF-8 You can't restrict read access to the design document using permissions because then I think your application would not be able to access views, shows, lists, updates, etc. However, you could perhaps restrict network access to these resources explicitly. Put a reverse proxy in front of your couch that forbids access to everything under /db/_design/app* except /db/_design/app/_(show|list|view|update)*. This way, the user context for CouchDB within which your visitors access the views and lists will still have access to the design document (you have not changed the document permissions), but external attempts to fetch the code itself will be blocked. Just be careful that none of your other code (such as a show function) can be used to format and display the design document itself. This might work, but I haven't thought about it longer than a minute. Let me know what you find if you investigate. On Tue, Nov 9, 2010 at 13:45, Hendrik Jan van Meerveld wrote: > Hi All, > > I'm trying to move a website from Drupal to Couchdb. > For this I am wondering whether there is a way to prevent > website visitors from replicating the whole website to their > home computers. > Does anybody know of such an option? Does it work on the CouchOne > shared hosting? > > Same goes for an application that the company where I work uses. > It would be great if it could be rewritten from its current > incarnation to a Couchdb application, but that's not an option > if the whole world can replicate the application. > > Thanks for any help. >