Well..thanks for that I didn't realize that. The solution I was suggesting would have been places behind a reverse proxy of course On Jan 2, 2014 1:12 PM, "Jan Lehnardt" <[email protected]> wrote:
> > On 01 Jan 2014, at 23:32 , Stanley Iriele <[email protected]> wrote: > > > Can't you just use vhosts and rewrites to take care of that?... > Also...you > > could use list functions to ad an extra step yo do anything you want with > > the results of a view before sending it to a client > > vhosts are using the `Host` header in HTTP requests. While mandatory in > HTTP 1.1, CouchDB will happily answer to HTTP 1.0 requests without a `Host` > header and will serve the default `/` URL and any subsequent one. > > Do not use CouchDB vhosts as a security mechanism. > > Best > Jan > -- > > > > > > On Jan 1, 2014 3:47 PM, "Jens Alfke" <[email protected]> wrote: > > > >> > >> On Dec 31, 2013, at 1:44 AM, meredrica <[email protected]> wrote: > >> > >>> I expose CouchDB directly to mobile clients and wanted to hide some > >>> information from them. > >> > >> You can’t really do that; there’s no notion of read-protection in > CouchDB. > >> As a workaround you can put CouchDB behind a proxy or gateway, and > >> restrict the URL patterns that clients are allowed to send. > >> > >> —Jens > >> > >> > >
