incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randall Leeds <randall.le...@gmail.com>
Subject Re: to CouchApp or not to CouchApp
Date Wed, 03 Aug 2011 21:22:22 GMT
On Wed, Aug 3, 2011 at 14:19, Randall Leeds <randall.leeds@gmail.com> wrote:
> On Tue, Aug 2, 2011 at 16:55, Max Ogden <max@maxogden.com> wrote:
>> My point with vhosts and security was that if you arent exposing couch to
>> the world you can route requests for certain couch-hosted domains to your
>> couch and let vhosts limit the exposed API.
>>
>> this means you need to run something like nginx in front of couch and
>> register couch as an nginx upstream. then when people hit your domain they
>> will be routed directly to the _rewrite handler and you can expose whatever
>> you want from there
>>
>> if you expose the root api of couch over the internet there aren't built in
>> ways to lock down everything. the solution would be to not expose the couch
>> root api.
>
> To add to this, when you create a vhost configuration on iriscouch, I
> believe iriscouch actually sees that configuration change and changes
> a downstream proxy. Submitting a request without a Host header will
> make it so that iriscouch does not know where to route your request
> and it returns an error.
>
> Now there's still the problem that if someone knows your
> username.iriscouch.com address they can bypass that. It would be a
> valid question for iriscouch support to ask whether that can be locked
> down by requiring a valid user, at which point you could use vhosts
> pretty securely.

Here I mean to say that require_valid_user=true is great for locking
down your couch, but one might want to only lock down the raw couch
interface and not require a valid user when going through a vhost, so
you could still have a logged out public landing page for your
couchapp.

>
> Security on CouchDB is evolving slowly, and so is the power of
> CouchApps. Keep the comments and questions rolling because it keeps
> the devs mulling, and, as always...
>
> ...patches welcome. :)
>

Mime
View raw message