You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by rn...@apache.org on 2015/09/04 13:41:24 UTC
documentation commit: updated refs/heads/master to 3074cd1
Repository: couchdb-documentation
Updated Branches:
refs/heads/master ddf248188 -> 3074cd10b
document CSRF mime type parameter
Project: http://git-wip-us.apache.org/repos/asf/couchdb-documentation/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb-documentation/commit/3074cd10
Tree: http://git-wip-us.apache.org/repos/asf/couchdb-documentation/tree/3074cd10
Diff: http://git-wip-us.apache.org/repos/asf/couchdb-documentation/diff/3074cd10
Branch: refs/heads/master
Commit: 3074cd10bd34a1a04118fc1ae6f3c9b1b0883319
Parents: ddf2481
Author: Robert Newson <rn...@apache.org>
Authored: Thu Sep 3 21:03:27 2015 +0100
Committer: Robert Newson <rn...@apache.org>
Committed: Thu Sep 3 21:05:08 2015 +0100
----------------------------------------------------------------------
src/config/http.rst | 9 +++++++++
1 file changed, 9 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/couchdb-documentation/blob/3074cd10/src/config/http.rst
----------------------------------------------------------------------
diff --git a/src/config/http.rst b/src/config/http.rst
index d54d4aa..ed1d305 100644
--- a/src/config/http.rst
+++ b/src/config/http.rst
@@ -584,6 +584,15 @@ Cross-site Request Forgery protection
[csrf]
mandatory = true
+ .. config:option:: mime_types
+
+ CouchDB will only enforce CSRF protection for the listed mime
+ types. The default list is application/x-www-form-urlencoded,
+ multipart/form-data, text/plain::
+
+ [csrf]
+ mime_types = text/plain
+
.. config:option:: secret
All CSRF cookies are signed by the server using this value. A