summaryrefslogtreecommitdiff
path: root/etc
diff options
context:
space:
mode:
authorJan Lehnardt <jan@apache.org>2010-07-26 11:20:18 +0000
committerJan Lehnardt <jan@apache.org>2010-07-26 11:20:18 +0000
commit04f3d9892ba7a16b1431f07ac5dc031ff3bf285a (patch)
tree51f317121851954e64f0cd83dd1943bdfbd94b01 /etc
parent6121e10adfe0095247852565d860d99590be213e (diff)
Multi-part patch to enable white-listing of _config API values:
1. Refactor read-only config handlers to be near each other 2. Refactor PUT and DELETE config handlers to a wrapper 3. Support a whitelist for modifying the config via HTTP, itself stored in the config 4. Document the whitelist process Patch(es) by Jason Smith. Closes COUCHDB-835. git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@979242 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'etc')
-rw-r--r--etc/couchdb/local.ini7
1 files changed, 7 insertions, 0 deletions
diff --git a/etc/couchdb/local.ini b/etc/couchdb/local.ini
index f20b197a..1b31933c 100644
--- a/etc/couchdb/local.ini
+++ b/etc/couchdb/local.ini
@@ -13,6 +13,13 @@
; Uncomment next line to trigger basic-auth popup on unauthorized requests.
;WWW-Authenticate = Basic realm="administrator"
+; Uncomment next line to set the configuration modification whitelist. Only
+; whitelisted values may be changed via the /_config URLs. To allow the admin
+; to change this value over HTTP, remember to include {httpd,config_whitelist}
+; itself. Excluding it from the list would require editing this file to update
+; the whitelist.
+;config_whitelist = [{httpd,config_whitelist}, {log,level}, {etc,etc}]
+
[couch_httpd_auth]
; If you set this to true, you should also uncomment the WWW-Authenticate line
; above. If you don't configure a WWW-Authenticate header, CouchDB will send