couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Wordit <>
Subject Re: Possible validation security issue
Date Thu, 30 Aug 2012 21:09:27 GMT
On Wed, Aug 29, 2012 at 10:32 PM, Tim Tisdall <> wrote:
> I think that chunk of code is to ensure that when someone saves a
> change to a document that they also have to sign it with their own
> user name.

That would certainly make sense for a wiki application, but I think
it's unclear because "author" is not defined. Is it the current user
editing the document, or the previous user who edited the document?

The example is misleading to people learning couchDB. In my case, I'm
re-visiting couchDB after 20 months not using it and had forgotten
about how oldDoc/newDoc works. I found the same code example referring
to the definitive guide in another post, possibly in a different
forum. The poster had the same expectation I did and the people
replying did not correct or change that expectation.

When you have more in-depth knowledge of how couchDB works it all
seems obvious, I'm sure. You probably wonder how anyone could possibly


View raw message