incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert Newson <rnew...@apache.org>
Subject Re: Disabling doc include
Date Wed, 01 Jan 2014 23:27:41 GMT
"there’s no notion of read-protection in CouchDB."

There’s no document level read protection, but you can certainly grant or deny read access
to users on a per database basis. That’s by design due to the ease that information could
leak out through views (particularly reduce views). The restrictive proxy approach is brittle,
it requires that you know all the URL patterns to block and keep them up to date when you
upgrade CouchDB. It can work, it’s just not awesome.

B.

 .

On 1 Jan 2014, at 20:47, Jens Alfke <jens@couchbase.com> wrote:

> 
> On Dec 31, 2013, at 1:44 AM, meredrica <stuff@meredrica.org> wrote:
> 
>> I expose CouchDB directly to mobile clients and wanted to hide some 
>> information from them.
> 
> You can’t really do that; there’s no notion of read-protection in CouchDB.
> As a workaround you can put CouchDB behind a proxy or gateway, and restrict the URL patterns
that clients are allowed to send.
> 
> —Jens
> 


Mime
View raw message