incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Wordit <wordi...@gmail.com>
Subject Re: Limiting doc size to prevent malicious use
Date Thu, 06 Sep 2012 17:50:50 GMT
On Thu, Sep 6, 2012 at 7:35 PM, Robert Newson <rnewson@apache.org> wrote:
>
> validate_doc_update is your only other option. It won't stop the attempt, though, but
at least you can reject the write itself.

Thanks, I've been wondering how to achieve this. I can test the size
of each field, but a malicious user can create a new field to dump the
data in, right?

A require function assures certain fields exist, but can you limit the
fields to specific names? That way, you know which fields to check the
string lengths of.

Thanks,

Marcus

Mime
View raw message