You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@couchdb.apache.org by "Rao, Zhiqing" <zr...@qti.qualcomm.com> on 2013/08/23 04:16:19 UTC

HTTP access control (CORS, Cross Origin Resource Sharing ) problem with couchdb server

Hi guys,

When I use ajax to query couchdb view from http://a.com to http://b.com:5984/db/_design/viewxx,
All the available update to date browsers would report error: "required Cross Origin Resource Sharing (CORS)".

I know how to fix the CORS with IIS based website, by adding "Access-Control-Allow-Origin: *" to website response headers.
But how can I add the response header for couchdb server?

Thanks,
Zhiqing

Re: HTTP access control (CORS, Cross Origin Resource Sharing ) problem with couchdb server

Posted by Simon Metson <si...@cloudant.com>.

Yeah, it's a fairly recent feature.  


On Friday, 23 August 2013 at 06:41, Rao, Zhiqing wrote:

> Thanks. I can't find this configuration parameter with couchdb V1.1.1, but it is in V1.3.1. 
> 
> -----Original Message-----
> From: Giovanni P [mailto:fiatjaf@gmail.com] 
> Sent: Friday, August 23, 2013 10:52 AM
> To: user@couchdb.apache.org
> Subject: Re: HTTP access control (CORS, Cross Origin Resource Sharing ) problem with couchdb server
> 
> Enabling CORS <http://pouchdb.com/getting-started.html>
> 
> To replicate directly with CouchDB you need to make sure CORS is enabled, only set the username and password if you have set them previously, by default CouchDB will be installed in "Admin Party" and they are not needed, you will need to replace the myname.iriscouch.com with your own host (
> 127.0.0.1:5984 if installed locally):
> 
> $ export HOST=http://username:password@myname.iriscouch.com$ curl -X PUT $HOST/_config/httpd/enable_cors -d '"true"'$ curl -X PUT $HOST/_config/cors/origins -d '"*"'$ curl -X PUT $HOST/_config/cors/credentials -d '"true"'$ curl -X PUT $HOST/_config/cors/methods -d '"GET, PUT, POST, HEAD, DELETE"'$ curl -X PUT $HOST/_config/cors/headers -d \
> '"accept, authorization, content-type, origin"'
> 
> 
> 
> On Thu, Aug 22, 2013 at 11:28 PM, Bin Wang <wb...@gmail.com> wrote:
> 
> > I'm new to couchdb. But I think you can find the way in document:
> > 
> > http://docs.couchdb.org/en/latest/config_reference.html?highlight=acce
> > ss
> > 
> > 11.16. cors Configuration Options
> > 
> > OptionDescription
> > originsList of origins, separated by a comma (protocol, host, optional
> > port)
> > methodsaccepted HTTP methods
> > credentialstrue sends additional header 
> > Access-Control-Allow-Credentials=true
> > 
> > Note that credentials=true and origins=* are mutually exclusive.
> > 
> > 
> > 2013/8/23 Rao, Zhiqing <zr...@qti.qualcomm.com>:
> > > Hi guys,
> > > 
> > > When I use ajax to query couchdb view from http://a.com to
> > http://b.com:5984/db/_design/viewxx,
> > > All the available update to date browsers would report error: 
> > > "required
> > > 
> > 
> > Cross Origin Resource Sharing (CORS)".
> > > 
> > > I know how to fix the CORS with IIS based website, by adding
> > "Access-Control-Allow-Origin: *" to website response headers.
> > > But how can I add the response header for couchdb server?
> > > 
> > > Thanks,
> > > Zhiqing
> > > 
> > 
> > 
> 
> 
>

RE: HTTP access control (CORS, Cross Origin Resource Sharing ) problem with couchdb server

Posted by "Rao, Zhiqing" <zr...@qti.qualcomm.com>.

Thanks. I can't find this configuration parameter with couchdb V1.1.1, but it is in V1.3.1. 

-----Original Message-----
From: Giovanni P [mailto:fiatjaf@gmail.com] 
Sent: Friday, August 23, 2013 10:52 AM
To: user@couchdb.apache.org
Subject: Re: HTTP access control (CORS, Cross Origin Resource Sharing ) problem with couchdb server

Enabling CORS <http://pouchdb.com/getting-started.html>

To replicate directly with CouchDB you need to make sure CORS is enabled, only set the username and password if you have set them previously, by default CouchDB will be installed in "Admin Party" and they are not needed, you will need to replace the myname.iriscouch.com with your own host (
127.0.0.1:5984 if installed locally):

$ export HOST=http://username:password@myname.iriscouch.com$ curl -X PUT $HOST/_config/httpd/enable_cors -d '"true"'$ curl -X PUT $HOST/_config/cors/origins -d '"*"'$ curl -X PUT $HOST/_config/cors/credentials -d '"true"'$ curl -X PUT $HOST/_config/cors/methods -d '"GET, PUT, POST, HEAD, DELETE"'$ curl -X PUT $HOST/_config/cors/headers -d \
  '"accept, authorization, content-type, origin"'



On Thu, Aug 22, 2013 at 11:28 PM, Bin Wang <wb...@gmail.com> wrote:

> I'm new to couchdb. But I think you can find the way in document:
>
> http://docs.couchdb.org/en/latest/config_reference.html?highlight=acce
> ss
>
> 11.16. cors Configuration Options
>
> OptionDescription
> originsList of origins, separated by a comma (protocol, host, optional
> port)
> methodsaccepted HTTP methods
> credentialstrue sends additional header 
> Access-Control-Allow-Credentials=true
>
> Note that credentials=true and origins=* are mutually exclusive.
>
>
> 2013/8/23 Rao, Zhiqing <zr...@qti.qualcomm.com>:
> > Hi guys,
> >
> > When I use ajax to query couchdb view from http://a.com to
> http://b.com:5984/db/_design/viewxx,
> > All the available update to date browsers would report error: 
> > "required
> Cross Origin Resource Sharing (CORS)".
> >
> > I know how to fix the CORS with IIS based website, by adding
> "Access-Control-Allow-Origin: *" to website response headers.
> > But how can I add the response header for couchdb server?
> >
> > Thanks,
> > Zhiqing
>

Re: HTTP access control (CORS, Cross Origin Resource Sharing ) problem with couchdb server

Posted by Giovanni P <fi...@gmail.com>.

Enabling CORS <http://pouchdb.com/getting-started.html>

To replicate directly with CouchDB you need to make sure CORS is enabled,
only set the username and password if you have set them previously, by
default CouchDB will be installed in "Admin Party" and they are not needed,
you will need to replace the myname.iriscouch.com with your own host (
127.0.0.1:5984 if installed locally):

$ export HOST=http://username:password@myname.iriscouch.com$ curl -X
PUT $HOST/_config/httpd/enable_cors -d '"true"'$ curl -X PUT
$HOST/_config/cors/origins -d '"*"'$ curl -X PUT
$HOST/_config/cors/credentials -d '"true"'$ curl -X PUT
$HOST/_config/cors/methods -d '"GET, PUT, POST, HEAD, DELETE"'$ curl
-X PUT $HOST/_config/cors/headers -d \
  '"accept, authorization, content-type, origin"'



On Thu, Aug 22, 2013 at 11:28 PM, Bin Wang <wb...@gmail.com> wrote:

> I'm new to couchdb. But I think you can find the way in document:
>
> http://docs.couchdb.org/en/latest/config_reference.html?highlight=access
>
> 11.16. cors Configuration Options
>
> OptionDescription
> originsList of origins, separated by a comma (protocol, host, optional
> port)
> methodsaccepted HTTP methods
> credentialstrue sends additional header
> Access-Control-Allow-Credentials=true
>
> Note that credentials=true and origins=* are mutually exclusive.
>
>
> 2013/8/23 Rao, Zhiqing <zr...@qti.qualcomm.com>:
> > Hi guys,
> >
> > When I use ajax to query couchdb view from http://a.com to
> http://b.com:5984/db/_design/viewxx,
> > All the available update to date browsers would report error: "required
> Cross Origin Resource Sharing (CORS)".
> >
> > I know how to fix the CORS with IIS based website, by adding
> "Access-Control-Allow-Origin: *" to website response headers.
> > But how can I add the response header for couchdb server?
> >
> > Thanks,
> > Zhiqing
>

Re: HTTP access control (CORS, Cross Origin Resource Sharing ) problem with couchdb server

Posted by Bin Wang <wb...@gmail.com>.

I'm new to couchdb. But I think you can find the way in document:

http://docs.couchdb.org/en/latest/config_reference.html?highlight=access

11.16. cors Configuration Options

OptionDescription
originsList of origins, separated by a comma (protocol, host, optional port)
methodsaccepted HTTP methods
credentialstrue sends additional header Access-Control-Allow-Credentials=true

Note that credentials=true and origins=* are mutually exclusive.


2013/8/23 Rao, Zhiqing <zr...@qti.qualcomm.com>:
> Hi guys,
>
> When I use ajax to query couchdb view from http://a.com to http://b.com:5984/db/_design/viewxx,
> All the available update to date browsers would report error: "required Cross Origin Resource Sharing (CORS)".
>
> I know how to fix the CORS with IIS based website, by adding "Access-Control-Allow-Origin: *" to website response headers.
> But how can I add the response header for couchdb server?
>
> Thanks,
> Zhiqing