incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert Newson <rnew...@apache.org>
Subject Re: Limiting doc size to prevent malicious use
Date Thu, 06 Sep 2012 17:35:10 GMT

validate_doc_update is your only other option. It won't stop the attempt, though, but at least
you can reject the write itself.

Perhaps Jason can be persuaded that sending a 4GB JSON body, that will be decoded internally
to a form occupying around twice that, is a feature worth disabling.

Finally, I'll note that max_document_size was broken a while back (and no one noticed) and
will be restored in CouchDB 1.3.

B.

On 6 Sep 2012, at 17:28, Wordit wrote:

> How do you best limit the size of docs? The default setting is 4GB
> (and currently I can't change max_document_size on iriscouch.com). But
> maybe that's the wrong place anyway?
> 
> I want to prevent malicious persons from dumping huge data amounts
> into the couch. Should it be done in an update function? If so I'm not
> sure how to do that for the whole doc size.
> 
> Thanks for any help,
> 
> Marcus


Mime
View raw message