Date: Wed, 4 May 2011 08:11:59 +0200
Subject: Re: sponsoring secure vhost/rewrites
From: Benoit Chesneau
To: dev@couchdb.apache.org

On Tue, May 3, 2011 at 10:00 AM, Martin Hilbig wrote:
> hi,
>
> i want to program and rent couchapps. i want couchdb/bigcouch to be my db,
> app and webserver.
>
> i don't want a middlelayer like a(n) (apache) proxy, just to filter out
> clients which try cheating by using no Host header or ../../../ url
> trickery.
>
> can this be accomplished already? sadly i didn't find anything and i remember
> @janl telling me that vhosts and rewrites aren't meant to be security
> features. why is that so?
>
> my naive thoughts of a secure vhost handling which makes proxies obsolete:
>
> * the vhost handler should redirect clients with no Host header to a
> "default" vhost or send a 403/404.

You can't do that, it would remove the ability to access couchdb until vhosts are on the same port or couch db api is prefixed. You can however change the way welcome works, there is a patch in jira for that.

>
> * requests containing (too many) .. or starting with _ in the resource should
> also get redirected/404/403ed too.
>
> what other requests can you think of to circumvent the vhost
> handler/rewriter?

To sandbox couchapps you may need more work, to filter db access & co.
>
> are the 2 points above already possible today? please redirect me to docs.
>
> where should i start hacking, when i want to implement them myself?

hacking couch_httpd_vhosts.erl or you can change the redirect function to adapt it to your own use:

%% [httpd]
%% redirect_vhost_handler = {Module, Fun}
%%
%% The function take 2 args : the mochiweb request object and the target
%%% path.

>
> is anyone willing to implement them for me (or see how far she gets) in 10h
> = 100eurs? yea this means i want those points so hard i would throw in 10h
> hours or 100eurs or 100$ to get someone (at least) started on them. is this
> okay or inappropriate here or is there a better place for couchdb job offers
> (maybe the user@ list)?
>
> have fun
> martin
>
>

10$/h isn't so much :) I'm working on a new couchapp engine, that will be probably released this month and rework the way vhosts work. In the meantime don't hesitate to play with the code :)

- benoît
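
Added example, not part of the original message and not CouchDB code: the two checks proposed in the quoted mail (refuse requests without a known Host, refuse `..` and `_`-prefixed path segments) written as stand-alone Python logic, including percent-encoded variants of `..`. The function names, the `vhosts` set and the sample requests are assumptions; as the reply notes, refusing Host-less requests also cuts off direct API access on the same port.

```python
from urllib.parse import unquote

MAX_DECODE_ROUNDS = 3  # assumption: how many layers of percent-encoding to unwrap


def fully_decode(path):
    """Percent-decode repeatedly so %252e%252e cannot hide a '..' segment."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(path)
        if decoded == path:
            return path
        path = decoded
    return None  # did not settle within the bound: refuse rather than guess


def check_request(host_header, raw_path, vhosts):
    """Return 200 to pass the request on to the vhost handler, 4xx to refuse.

    host_header: Host value or None; raw_path: request target as received;
    vhosts: set of hostnames served as couchapps (hypothetical configuration).
    """
    # Point 1: no Host header, or a Host that is not a configured vhost.
    if not host_header:
        return 404
    host = host_header.strip().lower().split(":")[0]  # drop an optional port
    if host not in vhosts:
        return 404

    path = fully_decode(raw_path.split("?", 1)[0])  # query string is not a path
    if path is None or "\x00" in path:
        return 400
    # Point 2: inspect every segment; backslash counts as a separator too.
    for segment in path.replace("\\", "/").split("/"):
        if segment == "..":
            return 403  # stricter than "too many": any parent reference
        if segment.startswith("_"):
            return 403  # _all_dbs, _utils, _config, _design/... (assumed scope)
    return 200


# Constructed sample requests: (Host header, request target).
SAMPLES = [
    (None, "/"),
    ("app.example.com", "/index.html"),
    ("app.example.com", "/../../_all_dbs"),
    ("app.example.com", "/%2e%2e/%2e%2e/_config"),
]

if __name__ == "__main__":
    for host, target in SAMPLES:
        print(host, target, check_request(host, target, {"app.example.com"}))
```
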