On 01 Jan 2014, at 23:32 , Stanley Iriele <[email protected]> wrote:
> Can't you just use vhosts and rewrites to take care of that?... Also...you > could use list functions to ad an extra step yo do anything you want with > the results of a view before sending it to a client vhosts are using the `Host` header in HTTP requests. While mandatory in HTTP 1.1, CouchDB will happily answer to HTTP 1.0 requests without a `Host` header and will serve the default `/` URL and any subsequent one. Do not use CouchDB vhosts as a security mechanism. Best Jan -- > On Jan 1, 2014 3:47 PM, "Jens Alfke" <[email protected]> wrote: > >> >> On Dec 31, 2013, at 1:44 AM, meredrica <[email protected]> wrote: >> >>> I expose CouchDB directly to mobile clients and wanted to hide some >>> information from them. >> >> You can’t really do that; there’s no notion of read-protection in CouchDB. >> As a workaround you can put CouchDB behind a proxy or gateway, and >> restrict the URL patterns that clients are allowed to send. >> >> —Jens >> >>
signature.asc
Description: Message signed with OpenPGP using GPGMail
