diff options
| author | Joan Touzet <wohali@users.noreply.github.com> | 2020-02-19 19:34:22 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-02-19 19:34:22 +0000 |
| commit | 702a25d1545172fa729f82eb4ba78872d566b62a (patch) | |
| tree | 4f4b8c1442032b1013f5216e79b33c8584118c08 | |
| parent | b2f921c870c58b40cd74b66c38e1c5b2d14f8a95 (diff) | |
| parent | 5865d22810f15e57b816b30d8266c1cef51055ab (diff) | |
| download | couchdb-rc3-docs.tar.gz | |
Merge branch '3.0.x' into rc3-docsrc3-docs
| -rw-r--r-- | rel/overlay/etc/default.ini | 2 | ||||
| -rw-r--r-- | src/chttpd/src/chttpd_auth_request.erl | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/rel/overlay/etc/default.ini b/rel/overlay/etc/default.ini index 1829d0d74..246c17307 100644 --- a/rel/overlay/etc/default.ini +++ b/rel/overlay/etc/default.ini @@ -136,7 +136,7 @@ max_db_number_for_dbs_info_req = 100 ; authentication_handlers = {chttpd_auth, proxy_authentication_handler}, {chttpd_auth, cookie_authentication_handler}, {chttpd_auth, default_authentication_handler} ; prevent non-admins from accessing /_all_dbs -;admin_only_all_dbs = false +; admin_only_all_dbs = true [couch_peruser] ; If enabled, couch_peruser ensures that a private per-user database diff --git a/src/chttpd/src/chttpd_auth_request.erl b/src/chttpd/src/chttpd_auth_request.erl index fa47f5bfa..8040f91fd 100644 --- a/src/chttpd/src/chttpd_auth_request.erl +++ b/src/chttpd/src/chttpd_auth_request.erl @@ -34,7 +34,7 @@ authorize_request_int(#httpd{path_parts=[]}=Req) -> authorize_request_int(#httpd{path_parts=[<<"favicon.ico">>|_]}=Req) -> Req; authorize_request_int(#httpd{path_parts=[<<"_all_dbs">>|_]}=Req) -> - case config:get_boolean("chttpd", "admin_only_all_dbs", false) of + case config:get_boolean("chttpd", "admin_only_all_dbs", true) of true -> require_admin(Req); false -> Req end; |