From 04f3d9892ba7a16b1431f07ac5dc031ff3bf285a Mon Sep 17 00:00:00 2001 From: Jan Lehnardt Date: Mon, 26 Jul 2010 11:20:18 +0000 Subject: Multi-part patch to enable white-listing of _config API values: 1. Refactor read-only config handlers to be near each other 2. Refactor PUT and DELETE config handlers to a wrapper 3. Support a whitelist for modifying the config via HTTP, itself stored in the config 4. Document the whitelist process Patch(es) by Jason Smith. Closes COUCHDB-835. git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@979242 13f79535-47bb-0310-9956-ffa450edef68 --- etc/couchdb/local.ini | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'etc') diff --git a/etc/couchdb/local.ini b/etc/couchdb/local.ini index f20b197a..1b31933c 100644 --- a/etc/couchdb/local.ini +++ b/etc/couchdb/local.ini @@ -13,6 +13,13 @@ ; Uncomment next line to trigger basic-auth popup on unauthorized requests. ;WWW-Authenticate = Basic realm="administrator" +; Uncomment next line to set the configuration modification whitelist. Only +; whitelisted values may be changed via the /_config URLs. To allow the admin +; to change this value over HTTP, remember to include {httpd,config_whitelist} +; itself. Excluding it from the list would require editing this file to update +; the whitelist. +;config_whitelist = [{httpd,config_whitelist}, {log,level}, {etc,etc}] + [couch_httpd_auth] ; If you set this to true, you should also uncomment the WWW-Authenticate line ; above. If you don't configure a WWW-Authenticate header, CouchDB will send -- cgit v1.2.3