On Mon, Jun 21, 2010 at 00:15, Manokaran K <[email protected]> wrote: > On Mon, Jun 21, 2010 at 2:54 AM, Randall Leeds <[email protected]>wrote: > >> I suspect you could achieve what you're looking for with a rewrite >> handler[1] and a show function[2] that rewrites "/db/mydoc" to >> "/db/_design/safe/_show/document/mydoc". >> >> > But rewrites cannot be relied upon as a security measure. A user can bypass > it by requesting the view URL itself and be able to see the raw doc!
I missed the part about not making the design document code visible. Is it possible to just rewrite this as well? I know the rewrite solution feels like whack-a-mole, but is it really not possible to solve Pavan's use case?
