Russell Branca [Thu, 25 Feb 2016 19:50:00 +0000 (19:50 +0000)] 
Use new optional fetch logic for configure_filter/5
Alexander Shorin [Tue, 2 Feb 2016 15:23:06 +0000 (18:23 +0300)] 
Merge remote-tracking branch 'github/pr/100'
ILYA Khlopotov [Thu, 28 Jan 2016 23:39:30 +0000 (15:39 -0800)] 
Convert all CORS headers config into lowercase
ILYA Khlopotov [Mon, 25 Jan 2016 21:07:19 +0000 (13:07 -0800)]
Adding more tests for CORS
ILYA Khlopotov [Mon, 25 Jan 2016 21:06:39 +0000 (13:06 -0800)]
Introduce cors/exposed_headers config setting
ILYA Khlopotov [Mon, 25 Jan 2016 21:05:47 +0000 (13:05 -0800)]
Make use of <<allow_headers>> option
ILYA Khlopotov [Mon, 25 Jan 2016 21:04:06 +0000 (13:04 -0800)]
Use correct setting for AllowHeaders
Alexander Shorin [Sun, 3 Jan 2016 17:17:29 +0000 (20:17 +0300)]
Don't crash on unknown request method
Alexander Shorin [Wed, 18 Nov 2015 18:37:41 +0000 (21:37 +0300)]
Ask cassim for secObj value
ermouth [Fri, 2 Oct 2015 11:00:53 +0000 (14:00 +0300)] 
Rewrite via query server
COUCHDB-2874
Robert Newson [Sun, 20 Dec 2015 18:39:36 +0000 (18:39 +0000)] 
fix conflict case - COUCHDB-2082
Robert Newson [Sun, 20 Dec 2015 18:15:21 +0000 (18:15 +0000)]
Create _design/_auth if missing in clustered users db
This also fixes a crash if the _users db had any design documents in it.
COUCHDB-2082
Jan Lehnardt [Fri, 18 Dec 2015 10:51:09 +0000 (11:51 +0100)] 
Merge branch '1.x-compat'
* 1.x-compat:
1.x compat: update fun: allow docs with slash in id
1.x compat: parse form data for externals on PUT in addtion ot POST
Jan Lehnardt [Sat, 12 Dec 2015 14:14:37 +0000 (15:14 +0100)]
1.x compat: update fun: allow docs with slash in id
Jan Lehnardt [Sat, 12 Dec 2015 14:09:01 +0000 (15:09 +0100)]
1.x compat: parse form data for externals on PUT in addtion ot POST
Alexander Shorin [Sat, 8 Aug 2015 16:20:56 +0000 (19:20 +0300)]
Provide information about actual request path when vhost is used
ILYA Khlopotov [Thu, 19 Nov 2015 18:11:25 +0000 (10:11 -0800)]
Get rid of confusing function
ILYA Khlopotov [Thu, 19 Nov 2015 18:10:39 +0000 (10:10 -0800)]
Refactor logging statement
ILYA Khlopotov [Thu, 19 Nov 2015 18:09:52 +0000 (10:09 -0800)]
Drop R14 support
ILYA Khlopotov [Wed, 18 Nov 2015 16:25:39 +0000 (08:25 -0800)]
Handle errors from before_request/after_request
This refactoring fixes the handling of errors from before_request.
Unify how we deal with errors among before_request and handle_request.
Alexander Shorin [Tue, 10 Nov 2015 22:17:36 +0000 (01:17 +0300)]
Fix compilation warning
Klaus Trainer [Mon, 2 Nov 2015 22:12:04 +0000 (23:12 +0100)] 
Fix return types of responses to view requests
This fixes an issue that was introduced with
72258e2 and
e5b1aee.
Background:
Although all things still seemed to work, each request to a view
generated an exception with the following stack trace:
```
exception error: undefined function vacc:get/2
in function chttpd:result/2 (src/chttpd.erl, line 297)
in call from chttpd:handle_request_int/1 (src/chttpd.erl, line 276)
in call from mochiweb_http:headers/6 (src/mochiweb_http.erl, line 122)
```
Klaus Trainer [Mon, 2 Nov 2015 20:22:26 +0000 (21:22 +0100)]
Don't set random ETag header for `_all_docs` view
This fixes the issue that by setting a random ETag header, we implicitly
promised that there's a chance of a cache hit where there was no chance.
For 2.0, we simply remove the random ETag without replacement, in order
to not accidentally cause useless cache bloat in clients.
COUCHDB-2859
Klaus Trainer [Mon, 2 Nov 2015 17:33:19 +0000 (18:33 +0100)]
Don't set random ETag header for views
This fixes the issue that by setting a random ETag header, we implicitly
promised that there's a chance of a cache hit where there was no chance.
For 2.0, we simply remove the random ETag without replacement, in order
to not accidentally cause useless cache bloat in clients.
COUCHDB-2859
Jay Doane [Mon, 2 Nov 2015 00:59:32 +0000 (16:59 -0800)] 
Explicitly create admin user and authenticate requests in chttpd_db_test cases
COUCHDB-2865
BugzID: 55502
Alexander Shorin [Thu, 29 Oct 2015 00:38:52 +0000 (03:38 +0300)]
Fix Last-Event-ID header handling for db changes feed
This assumes Last-Event-ID header value to be opaque.
COUCHDB-2858
Alexander Shorin [Thu, 29 Oct 2015 00:06:45 +0000 (03:06 +0300)]
Accept OPTIONS requests to list functions
COUCHDB-2850
Alexander Shorin [Wed, 28 Oct 2015 22:07:26 +0000 (01:07 +0300)]
Restore HTTP 301 response for /db/_design%2fddoc/* resources
This also fixes bug that existed in 1.x when escape sequence
represented in uppercase: then we send wrong Location header
back to user causing HTTP 404 result.
COUCHDB-2674
Alexander Shorin [Tue, 27 Oct 2015 20:59:03 +0000 (23:59 +0300)]
Update /_replicate handler and clean it from legacy decisions
It's not actual anymore to have try/catch around replicate/2 as it never
throws any errors making catch block is actually unreached for
the specified clauses.
We also shouldn't repeat our self in error response rendering here.
Alexander Shorin [Thu, 22 Oct 2015 19:25:21 +0000 (22:25 +0300)]
Backport content negotiation from couch_httpd_*
COUCHDB-2409
Alexander Shorin [Tue, 27 Oct 2015 19:32:54 +0000 (22:32 +0300)]
Merge remote-tracking branch 'github/pr/81'
Alexander Shorin [Tue, 27 Oct 2015 13:23:22 +0000 (16:23 +0300)]
Fix replication when source/target are URLs
Commit
895715a6 introduced a bug when we quote all the values
while we only need to escape values that references to local
databases.
Alexander Shorin [Thu, 22 Oct 2015 18:27:04 +0000 (21:27 +0300)]
Fix start_couch test helper
Alexander Shorin [Tue, 20 Oct 2015 18:13:39 +0000 (21:13 +0300)]
Escape database name on POST /_replicate
COUCHDB-2666
Alexander Shorin [Tue, 20 Oct 2015 18:04:31 +0000 (21:04 +0300)]
Use real chttpd port for URI construct
Those port that we get from config works fine until we start to ask
for a random port.
Alexander Shorin [Thu, 15 Oct 2015 20:17:41 +0000 (23:17 +0300)]
Use new couch_httpd_multipart API
Alexander Shorin [Thu, 15 Oct 2015 19:53:12 +0000 (22:53 +0300)]
Fix multipart stream refactor
Alexander Shorin [Thu, 15 Oct 2015 16:36:41 +0000 (19:36 +0300)]
Merge remote-tracking branch 'github/pr/11'
ILYA Khlopotov [Fri, 9 Oct 2015 20:51:24 +0000 (13:51 -0700)]
Use couch_epi:decide/5 for authenticate/authorize
Robert Newson [Thu, 8 Oct 2015 12:14:02 +0000 (13:14 +0100)]
Call parse_revs
COUCHDB-2845
Robert Kowalski [Thu, 8 Oct 2015 09:36:56 +0000 (11:36 +0200)] 
remove dead code
i keep running into this but it is not used anywhere
PR: #79
PR-URL: https://github.com/apache/couchdb-chttpd/pull/79
Reviewed-By: Robert Newson <rnewson@apache.org>
Alexander Shorin [Wed, 7 Oct 2015 21:02:19 +0000 (00:02 +0300)]
Make sure that database was created and deleted successfully
Alexander Shorin [Thu, 1 Oct 2015 17:53:29 +0000 (20:53 +0300)]
Merge remote-tracking branch 'github/pr/78'
Alexander Shorin [Thu, 1 Oct 2015 17:50:26 +0000 (20:50 +0300)]
Update .travis.yml
ILYA Khlopotov [Thu, 1 Oct 2015 17:40:16 +0000 (10:40 -0700)]
Remove chttpd_handlers:provider
`provider` function is no longer needed since providers defined by
couch_epi_plugin behaviour.
Robert Newson [Thu, 1 Oct 2015 15:05:34 +0000 (16:05 +0100)]
Merge remote-tracking branch 'cloudant/simplify_couch_epi'
Robert Newson [Thu, 1 Oct 2015 13:55:09 +0000 (14:55 +0100)]
Properly escape Location: HTTP header
Non-ASCII characters in the "Location:" header must be URL-encoded. This
can happen if a document is inserted with a user-defined "_id"
containing non-ASCII characters or if a filename contains non-ASCII
characters.
COUCHDB-2673
ILYA Khlopotov [Tue, 29 Sep 2015 20:04:19 +0000 (13:04 -0700)]
Pass supervisor's children to couch_epi
ILYA Khlopotov [Mon, 28 Sep 2015 16:47:02 +0000 (09:47 -0700)]
Update to new couch_epi API
Robert Newson [Fri, 25 Sep 2015 11:06:45 +0000 (12:06 +0100)]
Merge remote-tracking branch 'cloudant/2825-crypto-deprecations'
Robert Newson [Thu, 24 Sep 2015 11:10:20 +0000 (12:10 +0100)]
Lager is optional, don't start it here
Robert Newson [Wed, 23 Sep 2015 18:29:54 +0000 (19:29 +0100)]
Fix crypto deprecations
COUCHDB-2825
Robert Newson [Wed, 23 Sep 2015 12:50:36 +0000 (13:50 +0100)]
Fix test broken by 'Use illegal_docid error for really bad document ids'
Alexander Shorin [Thu, 17 Sep 2015 20:09:45 +0000 (23:09 +0300)]
Use illegal_docid error for really bad document ids
Robert Newson [Mon, 21 Sep 2015 22:40:11 +0000 (23:40 +0100)]
Reject database names that cause enametoolong error
COUCHDB-2821
Alexander Shorin [Wed, 22 Apr 2015 18:30:47 +0000 (21:30 +0300)]
Implement /db/_bulk_get endpoint
COUCHDB-2310
Robert Newson [Thu, 17 Sep 2015 17:34:41 +0000 (18:34 +0100)]
remove tabs
Nick Vatamaniuc [Wed, 16 Sep 2015 20:48:20 +0000 (16:48 -0400)] 
POST to /{db}/_all_docs with invalid keys should return 400
Now they return 500. Since there is nothing wrong on the 500,
400 is more appropriate.
For example, turns requests like these:
http -a adm:pass POST http://127.0.0.1:15984/db1/_all_docs keys:='["1",2]'
HTTP/1.1 500 Internal Server Error
Content-Type: application/json
{
"error": "2",
"reason": "{illegal_docid,2}"
}
Into:
http -a adm:pass POST http://127.0.0.1:15984/db1/_all_docs keys:='["1",2]'
HTTP/1.1 400 Bad Request
Content-Type: application/json
{
"error": "illegal_docid",
"reason": 2
}
COUCHDB-2815
Robert Newson [Sat, 12 Sep 2015 18:30:20 +0000 (19:30 +0100)]
Revert "add clusterwide compaction for dbs"
This reverts commit
994f132fd0923223ec7fd0802288fc2814bcc634.
Robert Newson [Thu, 10 Sep 2015 11:29:23 +0000 (12:29 +0100)]
Remove new CSRF mechanism
ILYA Khlopotov [Wed, 9 Sep 2015 16:28:01 +0000 (09:28 -0700)]
Fix usage of lists:keyreplace
Robert Newson [Tue, 8 Sep 2015 12:50:31 +0000 (13:50 +0100)]
Don't insert nil into lru
Robert Newson [Tue, 8 Sep 2015 12:49:18 +0000 (13:49 +0100)]
remove tabs
Robert Newson [Wed, 2 Sep 2015 18:34:25 +0000 (19:34 +0100)]
Merge remote-tracking branch 'cloudant/2796-improve_performance_of_providers_function'
ILYA Khlopotov [Wed, 2 Sep 2015 16:50:41 +0000 (09:50 -0700)]
Register service
COUCHDB-2796
ILYA Khlopotov [Wed, 2 Sep 2015 16:50:08 +0000 (09:50 -0700)]
Use ?SERVICE_ID macro
COUCHDB-2796
Robert Newson [Wed, 2 Sep 2015 15:30:18 +0000 (16:30 +0100)]
Merge remote-tracking branch 'cloudant/2775-post-valid-json-header'
ILYA Khlopotov [Tue, 1 Sep 2015 13:25:12 +0000 (06:25 -0700)]
Remove `ignore_providers` option
COUCHDB-2796
Robert Newson [Fri, 28 Aug 2015 12:57:09 +0000 (13:57 +0100)]
Merge remote-tracking branch 'cloudant/2788-fix-override'
Robert Newson [Thu, 27 Aug 2015 20:29:55 +0000 (21:29 +0100)]
Capture histogram data for _bulk_requests
COUCHDB-2792
Robert Kowalski [Fri, 21 Aug 2015 12:13:18 +0000 (14:13 +0200)]
add clusterwide compaction for dbs
PRs:
https://github.com/apache/couchdb-chttpd/pull/62
https://github.com/apache/couchdb-fabric/pull/27
COUCHDB-2492
PR: #62
PR-URL: https://github.com/apache/couchdb-chttpd/pull/62
Reviewed-By: Robert Newson <rnewson@apache.org>
ILYA Khlopotov [Tue, 25 Aug 2015 00:04:51 +0000 (17:04 -0700)]
Fix 'override' and 'override default' functionality
COUCHDB-2788
Robert Newson [Tue, 25 Aug 2015 16:57:52 +0000 (17:57 +0100)]
Actually send an ETag for _view and _all_docs
We were previously sending ETag: undefined in both cases.
It would be better to not bother with Etag at all for these as the
odds of caching are low in a sharded system.
Robert Newson [Tue, 25 Aug 2015 15:38:39 +0000 (16:38 +0100)]
Etag's require quotes
Robert Newson [Tue, 25 Aug 2015 12:20:24 +0000 (13:20 +0100)]
add missing dbinfo metric
Alexander Shorin [Tue, 25 Aug 2015 08:47:45 +0000 (11:47 +0300)]
There is no binary_to_integer/1 in R14
Alexander Shorin [Tue, 25 Aug 2015 08:07:54 +0000 (11:07 +0300)]
Fix test after sequence format change
Caused by
https://git-wip-us.apache.org/repos/asf?p=couchdb-fabric.git;h=
42a67d0a0
Alexander Shorin [Sat, 22 Aug 2015 22:06:21 +0000 (01:06 +0300)]
Integrate with Travis CI
Alexander Shorin [Fri, 21 Aug 2015 10:09:03 +0000 (13:09 +0300)]
Expose node`s /_system endpoint
Alexander Shorin [Fri, 21 Aug 2015 08:31:44 +0000 (11:31 +0300)]
Ensure that provided bind_address is correct
Alexander Shorin [Wed, 19 Aug 2015 19:12:16 +0000 (22:12 +0300)]
Fix cors tests
Robert Newson [Wed, 19 Aug 2015 15:41:06 +0000 (16:41 +0100)]
Don't pass CSRF cookie to replicator
COUCHDB-2781
Mayya Sharipova [Mon, 17 Aug 2015 14:12:46 +0000 (10:12 -0400)] 
check POST requests for valid json header
validate that all POST requests with json body must have also have valid
json header: {"Content-Type": "application/json"}
This ensures a basic protection against CSRF
JIRA: COUCHDB-2775
Robert Newson [Tue, 18 Aug 2015 09:50:29 +0000 (10:50 +0100)]
Whitelist CSRF header for CORS
x-couchdb-csrf is a permitted request header
x-couchdb-csrf-valid is a permitted response header
COUCHDB-2762
Robert Newson [Sun, 16 Aug 2015 12:06:01 +0000 (13:06 +0100)]
Whitelist CSRF header for CORS
COUCHDB-2762
ILYA Khlopotov [Thu, 13 Aug 2015 15:33:33 +0000 (08:33 -0700)]
Support endpoint overriding
There are two kinds of overrides:
- overriding regular endpoint
- overriding default handler (such as chttpd_db:handle_request/1)
Therefore there are two distinct options for overriding.
url_handler(<<"_all_dbs">>) ->
{override, fun mymodule:handle_all_dbs_req/1};
url_handler(_) ->
{default, fun mymodule:handle_request/1};
ILYA Khlopotov [Fri, 31 Jul 2015 18:35:24 +0000 (11:35 -0700)]
Return `{error, {illegal_database_name, Name}}`
ILYA Khlopotov [Fri, 31 Jul 2015 13:27:20 +0000 (06:27 -0700)]
Use `#httpd.qs` field
ILYA Khlopotov [Wed, 29 Jul 2015 18:59:42 +0000 (11:59 -0700)]
Use private to_lower instead of string:to_lower
ILYA Khlopotov [Wed, 29 Jul 2015 18:31:28 +0000 (11:31 -0700)]
Add chttpd_plugin hooks
We add following hooks:
- chttpd_plugin:before_request/1
- chttpd_plugin:after_request/2
- chttpd_plugin:handle_error/1
ILYA Khlopotov [Mon, 29 Jun 2015 13:19:11 +0000 (06:19 -0700)]
Use `#httpd.cors_config`
ILYA Khlopotov [Mon, 22 Jun 2015 18:37:54 +0000 (11:37 -0700)]
Use #httpd.absolute_uri
ILYA Khlopotov [Mon, 22 Jun 2015 12:32:39 +0000 (05:32 -0700)]
Refactor handle_request/1 to use #httpd_resp{}
Pass more info into #httpd{} and introduce #httpd_resp{} so we can
abstract updating stats and logging of request into separate functions.
We also prepare for introduction of before_request/after_request hooks.
ILYA Khlopotov [Wed, 29 Jul 2015 17:15:50 +0000 (10:15 -0700)]
Add `chttpd_auth:authorize/2` hook
ILYA Khlopotov [Fri, 19 Jun 2015 21:12:33 +0000 (14:12 -0700)]
Derive HandlerKey from path_parts
This is a preparation for introducing `before_request` hook.
Plugin might want to manipulate Path in order to affect handler selection.
Therefore HandlerKey calculation has to happen after
`chttpd_plugin:before_request` and it should be based on the value
returned from that call.
HandlerKey was constructed using `mochiweb_util:partition(Path, "/")`.
We change the logic to use first part of path_parts field of #httpd{}
record.
ILYA Khlopotov [Wed, 5 Aug 2015 21:31:31 +0000 (14:31 -0700)]
Use '?ADMIN_USER' for admin party
ILYA Khlopotov [Wed, 29 Jul 2015 16:40:23 +0000 (09:40 -0700)]
Introduce `chttpd_auth:authenticate` hook
Robert Newson [Wed, 5 Aug 2015 13:27:38 +0000 (14:27 +0100)]
Merge remote-tracking branch 'cloudant/2762-csrf'
Robert Newson [Tue, 4 Aug 2015 14:40:27 +0000 (15:40 +0100)]
Don't send empty buffer as it terminates response prematurely
Robert Newson [Fri, 31 Jul 2015 15:29:08 +0000 (16:29 +0100)]
Call CouchDB's CSRF validation
COUCHDB-2762
projects / couchdb-chttpd.git / log
