From 04f3d9892ba7a16b1431f07ac5dc031ff3bf285a Mon Sep 17 00:00:00 2001
From: Jan Lehnardt <jan@apache.org>
Date: Mon, 26 Jul 2010 11:20:18 +0000
Subject: Multi-part patch to enable white-listing of _config API values:

 1. Refactor read-only config handlers to be near each other

 2. Refactor PUT and DELETE config handlers to a wrapper

 3. Support a whitelist for modifying the config via HTTP, itself stored in the config

 4. Document the whitelist process

Patch(es) by Jason Smith.

Closes COUCHDB-835.

git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@979242 13f79535-47bb-0310-9956-ffa450edef68
---
 etc/couchdb/local.ini | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'etc')

diff --git a/etc/couchdb/local.ini b/etc/couchdb/local.ini
index f20b197a..1b31933c 100644
--- a/etc/couchdb/local.ini
+++ b/etc/couchdb/local.ini
@@ -13,6 +13,13 @@
 ; Uncomment next line to trigger basic-auth popup on unauthorized requests.
 ;WWW-Authenticate = Basic realm="administrator"
 
+; Uncomment next line to set the configuration modification whitelist. Only
+; whitelisted values may be changed via the /_config URLs. To allow the admin
+; to change this value over HTTP, remember to include {httpd,config_whitelist}
+; itself. Excluding it from the list would require editing this file to update
+; the whitelist.
+;config_whitelist = [{httpd,config_whitelist}, {log,level}, {etc,etc}]
+
 [couch_httpd_auth]
 ; If you set this to true, you should also uncomment the WWW-Authenticate line
 ; above. If you don't configure a WWW-Authenticate header, CouchDB will send
-- 
cgit v1.2.3