diff options
author | John Christopher Anderson <jchris@apache.org> | 2010-05-05 19:51:32 +0000 |
---|---|---|
committer | John Christopher Anderson <jchris@apache.org> | 2010-05-05 19:51:32 +0000 |
commit | 8aca45b45b116abaa9594fc7f065128b858613d2 (patch) | |
tree | bc0ffce8882c0ee8ea335906240f33702661ddab /share/www | |
parent | d7d047f439880735377a4b8ea2ce2ef42921fff8 (diff) |
rewriter security to allow isolation of databases via subdomains
git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@941451 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'share/www')
-rw-r--r-- | share/www/script/test/rewrite.js | 30 |
1 files changed, 20 insertions, 10 deletions
diff --git a/share/www/script/test/rewrite.js b/share/www/script/test/rewrite.js index 848427be..d3888d9a 100644 --- a/share/www/script/test/rewrite.js +++ b/share/www/script/test/rewrite.js @@ -137,14 +137,7 @@ couchTests.rewrite = function(debug) { "query": { "key": [":a", ":b"] } - }, - - { - "from": "uuids", - "to": "../../../_uuids" } - - ], lists: { simpleForm: stringFun(function(head, req) { @@ -339,12 +332,29 @@ couchTests.rewrite = function(debug) { T(/Value: doc 4/.test(xhr.responseText)); // test path relative to server + designDoc.rewrites.push({ + "from": "uuids", + "to": "../../../_uuids" + }); + T(db.save(designDoc).ok); var xhr = CouchDB.request("GET", "/test_suite_db/_design/test/_rewrite/uuids"); - T(xhr.status == 200); + T(xhr.status == 500); var result = JSON.parse(xhr.responseText); - T(result.uuids.length == 1); - var first = result.uuids[0]; + T(result.error == "insecure_rewrite_rule"); + + run_on_modified_server( + [{section: "httpd", + key: "secure_rewrites", + value: "false"}], + function() { + var xhr = CouchDB.request("GET", "/test_suite_db/_design/test/_rewrite/uuids?cache=bust"); + T(xhr.status == 200); + var result = JSON.parse(xhr.responseText); + T(result.uuids.length == 1); + var first = result.uuids[0]; + }); + }); }
\ No newline at end of file |