You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@couchdb.apache.org by rn...@apache.org on 2015/09/04 13:41:24 UTC

documentation commit: updated refs/heads/master to 3074cd1

Repository: couchdb-documentation
Updated Branches:
  refs/heads/master ddf248188 -> 3074cd10b


document CSRF mime type parameter


Project: http://git-wip-us.apache.org/repos/asf/couchdb-documentation/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb-documentation/commit/3074cd10
Tree: http://git-wip-us.apache.org/repos/asf/couchdb-documentation/tree/3074cd10
Diff: http://git-wip-us.apache.org/repos/asf/couchdb-documentation/diff/3074cd10

Branch: refs/heads/master
Commit: 3074cd10bd34a1a04118fc1ae6f3c9b1b0883319
Parents: ddf2481
Author: Robert Newson <rn...@apache.org>
Authored: Thu Sep 3 21:03:27 2015 +0100
Committer: Robert Newson <rn...@apache.org>
Committed: Thu Sep 3 21:05:08 2015 +0100

----------------------------------------------------------------------
 src/config/http.rst | 9 +++++++++
 1 file changed, 9 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb-documentation/blob/3074cd10/src/config/http.rst
----------------------------------------------------------------------
diff --git a/src/config/http.rst b/src/config/http.rst
index d54d4aa..ed1d305 100644
--- a/src/config/http.rst
+++ b/src/config/http.rst
@@ -584,6 +584,15 @@ Cross-site Request Forgery protection
             [csrf]
             mandatory = true
 
+    .. config:option:: mime_types
+
+        CouchDB will only enforce CSRF protection for the listed mime
+        types. The default list is application/x-www-form-urlencoded,
+        multipart/form-data, text/plain::
+
+            [csrf]
+            mime_types = text/plain
+
     .. config:option:: secret
 
         All CSRF cookies are signed by the server using this value. A