option to disable runtime code evaluation

author: Randall Leeds <randall@apache.org> 2016-04-23 17:49:34 -0700
committer: Robert Newson <rnewson@apache.org> 2016-09-09 14:27:56 +0100
commit: d6abc18f27b7b0d0d6cf3e88d25c8066900958a1 (patch)
tree: 1347501c45f3d0ecf80375cd2906bd5b0bc940d6
parent: 33a71410ea7925ffa2da734e73db460d29f68cf7 (diff)
download: couchdb-d6abc18f27b7b0d0d6cf3e88d25c8066900958a1.tar.gz
2 files changed, 42 insertions, 1 deletions
diff --git a/rebar.config.script b/rebar.config.script
index cece0f9e0..104006ee3 100644
--- a/rebar.config.script
+++ b/rebar.config.script
@@ -29,7 +29,7 @@ DepDescs = [
 {b64url,           "b64url",           "6895652d80f95cdf04efb14625abed868998f174"},
 {couch_log,        "couch-log",        "ad803f66dbd1900b67543259142875a6d03503ce"},
 {chttpd,           "chttpd",           "c6b044006fcb58386099105fb6d9e0a036a62ed9"},
-{couch,            "couch",            "72869b8bf139ffc2542d02a2bd3b862042a668c3"},
+{couch,            "couch",            "092dec86bbf068e0ab99f6586668260515fc86a9"},
 {couch_index,      "couch-index",      "53555fd909d5dd3d4a610c3fd6795950a8f7d022"},
 {couch_mrview,     "couch-mrview",     "a0b0392afe66ece9ef3bb4fdd5a4f159c97c47eb"},
 {couch_replicator, "couch-replicator", "b9232c8d410d529d65030896e075c4b4327631b0"},
diff --git a/test/javascript/tests/view_sandboxing.js b/test/javascript/tests/view_sandboxing.js
index c70eeccc3..171777b64 100644
--- a/test/javascript/tests/view_sandboxing.js
+++ b/test/javascript/tests/view_sandboxing.js
@@ -145,6 +145,47 @@ couchTests.view_sandboxing = function(debug) {
   }
 */
 
+  // test that runtime code evaluation can be prevented
+  console.log('TODO: config port not available on cluster');
+  /*var couchjs_command_xhr = CouchDB.request(
+    "GET", "/_config/query_servers/javascript");
+
+  var couchjs_command = JSON.parse(couchjs_command_xhr.responseText);
+  var couchjs_command_args = couchjs_command.match(/\S+|"(?:\\"|[^"])+"/g);
+
+  couchjs_command_args.splice(1, 0, "--no-eval");
+  var new_couchjs_command = couchjs_command_args.join(" ");
+
+  run_on_modified_server(
+    [{section: "query_servers",
+      key: "javascript",
+      value: new_couchjs_command}],
+    function () {
+      var ddoc = {
+        _id: "_design/foobar",
+        language: "javascript",
+        views: {
+          view: {
+            map:
+            (function(doc) {
+              var glob = emit.constructor('return this')();
+              emit(doc._id, null);
+            }).toString()
+          }
+        }
+      };
+
+      db.deleteDb();
+      db.createDb();
+      T(db.save(ddoc).ok);
+
+      T(db.save(doc).ok);
+      var results = db.view(
+        "foobar/view", {bypass_cache: Math.round(Math.random() * 1000)});
+
+      TEquals(0, results.rows.length);
+    });*/
+
   // cleanup
   db.deleteDb();
 };
author	Randall Leeds <randall@apache.org>	2016-04-23 17:49:34 -0700
committer	Robert Newson <rnewson@apache.org>	2016-09-09 14:27:56 +0100
commit	d6abc18f27b7b0d0d6cf3e88d25c8066900958a1 (patch)
tree	1347501c45f3d0ecf80375cd2906bd5b0bc940d6
parent	33a71410ea7925ffa2da734e73db460d29f68cf7 (diff)
download	couchdb-d6abc18f27b7b0d0d6cf3e88d25c8066900958a1.tar.gz