You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@couchdb.apache.org by "Noah Slater (Commented) (JIRA)" <ji...@apache.org> on 2011/10/30 20:42:32 UTC

[jira] [Commented] (COUCHDB-464) Allow POST to _log for external processes

    [ https://issues.apache.org/jira/browse/COUCHDB-464?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13139726#comment-13139726 ] 

Noah Slater commented on COUCHDB-464:
-------------------------------------

Doesn't this allow malicious user agents to craft spoofed log entries for CouchDB? You could make it look like something very serious was happening, causing the CouchDB admin to take measures that harm the server or the data it contains. If we're going to do this at all (and I am not sure I see a valid use case here) then the message should be prefixed with a big fat notice that it's user generated.
                
> Allow POST to _log for external processes
> -----------------------------------------
>
>                 Key: COUCHDB-464
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-464
>             Project: CouchDB
>          Issue Type: New Feature
>            Reporter: Robert Newson
>             Fix For: 1.3
>
>         Attachments: 0001-Add-POST-support-to-_log.patch, 0001-Add-POST-support-to-_log.patch, 0001-Add-POST-support-to-_log.patch
>
>
> Add POST support to _log so that external processes can also log to couch.log. This would allow couchdb-lucene (to pick a random example) to log consistently. 

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira