incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randall Leeds <randall.le...@gmail.com>
Subject Re: to CouchApp or not to CouchApp
Date Wed, 03 Aug 2011 21:19:53 GMT
On Tue, Aug 2, 2011 at 16:55, Max Ogden <max@maxogden.com> wrote:
> My point with vhosts and security was that if you arent exposing couch to
> the world you can route requests for certain couch-hosted domains to your
> couch and let vhosts limit the exposed API.
>
> this means you need to run something like nginx in front of couch and
> register couch as an nginx upstream. then when people hit your domain they
> will be routed directly to the _rewrite handler and you can expose whatever
> you want from there
>
> if you expose the root api of couch over the internet there aren't built in
> ways to lock down everything. the solution would be to not expose the couch
> root api.

To add to this, when you create a vhost configuration on iriscouch, I
believe iriscouch actually sees that configuration change and changes
a downstream proxy. Submitting a request without a Host header will
make it so that iriscouch does not know where to route your request
and it returns an error.

Now there's still the problem that if someone knows your
username.iriscouch.com address they can bypass that. It would be a
valid question for iriscouch support to ask whether that can be locked
down by requiring a valid user, at which point you could use vhosts
pretty securely.

Security on CouchDB is evolving slowly, and so is the power of
CouchApps. Keep the comments and questions rolling because it keeps
the devs mulling, and, as always...

...patches welcome. :)

Mime
View raw message