jsonp callbacks are ignored unless jsonp is configured to true

git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@946400 13f79535-47bb-0310-9956-ffa450edef68
author: John Christopher Anderson <jchris@apache.org> 2010-05-19 21:14:28 +0000
committer: John Christopher Anderson <jchris@apache.org> 2010-05-19 21:14:28 +0000
commit: ea00c0491ce7b8642979bd5195aa4851a63eae25 (patch)
tree: 23b56179b4cc9c3354268a838cd2737513a4f3a5 /src/couchdb
parent: 98e34f7e65d344e846b04eaea73d841f9da9cd9c (diff)
1 files changed, 12 insertions, 2 deletions
diff --git a/src/couchdb/couch_httpd.erl b/src/couchdb/couch_httpd.erl
index 00bfc196..15b3de1a 100644
--- a/src/couchdb/couch_httpd.erl
+++ b/src/couchdb/couch_httpd.erl
@@ -593,8 +593,18 @@ start_jsonp(Req) ->
         [] -> [];
         CallBack ->
             try
-                validate_callback(CallBack),
-                CallBack ++ "("
+                % make sure jsonp is configured on (default off)
+                case couch_config:get("httpd", "jsonp", "false") of
+                "true" -> 
+                    validate_callback(CallBack),
+                    CallBack ++ "(";
+                _Else -> 
+                    % this could throw an error message, but instead we just ignore the 
+                    % jsonp parameter
+                    % throw({bad_request, <<"JSONP must be configured before using.">>})
+                    put(jsonp, no_jsonp),
+                    []
+                end
             catch
                 Error ->
                     put(jsonp, no_jsonp),
author	John Christopher Anderson <jchris@apache.org>	2010-05-19 21:14:28 +0000
committer	John Christopher Anderson <jchris@apache.org>	2010-05-19 21:14:28 +0000
commit	ea00c0491ce7b8642979bd5195aa4851a63eae25 (patch)
tree	23b56179b4cc9c3354268a838cd2737513a4f3a5 /src/couchdb
parent	98e34f7e65d344e846b04eaea73d841f9da9cd9c (diff)