incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From J Chris Anderson <jch...@gmail.com>
Subject Re: view security
Date Wed, 12 May 2010 20:46:53 GMT

On May 12, 2010, at 10:51 AM, Deistl Ross wrote:

> I'm sure there is a solution to this issue.  I have a view that is normally accessed
from the web with a key, which works fine.  When the view is accessed without the key, it,
of course, will expose all the view records. Is there a way to only allow view access with,
in this case,the  key, or startkey, endkey or other parameter, to stop exposing all the view
records?  Sort of like validation for database access, instead of updates.

You've got to handle that in a proxy.

Or you can copy only the public records to a public db, and allow open access to that db.
Depends on your app model.

Chris
Mime
View raw message