incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim Tisdall <>
Subject Re: Possible validation security issue
Date Thu, 30 Aug 2012 21:33:42 GMT
^_^  I'm fairly new to couchdb, too.  I only figured that out because
I saw on the page you linked to that it referred to a previous chapter
and I went to it to see if there was any clarification or if the code
was the same.  It probably should be tweaked a bit so it's a little
more clear what the chunk of code is intended to do.

You should post something in the issues tracker and see if they'll change it...


On Thu, Aug 30, 2012 at 5:09 PM, Wordit <> wrote:
> On Wed, Aug 29, 2012 at 10:32 PM, Tim Tisdall <> wrote:
>> I think that chunk of code is to ensure that when someone saves a
>> change to a document that they also have to sign it with their own
>> user name.
> That would certainly make sense for a wiki application, but I think
> it's unclear because "author" is not defined. Is it the current user
> editing the document, or the previous user who edited the document?
> The example is misleading to people learning couchDB. In my case, I'm
> re-visiting couchDB after 20 months not using it and had forgotten
> about how oldDoc/newDoc works. I found the same code example referring
> to the definitive guide in another post, possibly in a different
> forum. The poster had the same expectation I did and the people
> replying did not correct or change that expectation.
> When you have more in-depth knowledge of how couchDB works it all
> seems obvious, I'm sure. You probably wonder how anyone could possibly
> misunderstand.
> Marcus

View raw message