> Apache CouchDB discussions must happen on a mailing list. Hence, this thread. XD
[11:25] <benoitc> mmmm [11:26] <benoitc> about Host header and vhost [11:26] <benoitc> couldn't we simply forbid messages without Host ? [11:26] <davisp> benoitc: sounds like a config option [11:26] <benoitc> yup [11:27] <benoitc> that would solve the need of a proxy for some uses I guess [11:27] <benoitc> with a default virtualhost to nothing [11:28] <benoitc> (or an info page) [11:28] <davisp> Oh, maybe that's a better config options, "defualt_vhost" like most web servers use [11:28] <benoitc> yes right [11:30] <benoitc> mmm i could implement that anything against ? [11:32] <davisp> Sounds like a question for dev@ I don't think this discussion should have anything to do with security. A rewrite/vhost configuration is not a substitute for a proper security system. HTH, Paul
