CouchDB 3.x: Move config options from [httpd] to [chttpd]

rel/overlay/etc/default.ini

@@ -147,6 +147,26 @@ max_db_number_for_dbs_info_req = 100
 ; prevent non-admins from accessing /_all_dbs
 ; admin_only_all_dbs = true
 
+; These options are moved from [httpd]
+;secure_rewrites = true
+;allow_jsonp = false
+
+;enable_cors = false
+;enable_xframe_options = false
+
+; CouchDB can optionally enforce a maximum uri length;
+;max_uri_length = 8000
+
+;changes_timeout = 60000
+;config_whitelist =
+;rewrite_limit = 100
+;x_forwarded_host = X-Forwarded-Host
+;x_forwarded_proto = X-Forwarded-Proto
+;x_forwarded_ssl = X-Forwarded-Ssl
+
+; Maximum allowed http request size. Applies to both clustered and local port.
+;max_http_request_size = 4294967296 ; 4GB
+
 ;[jwt_auth]
 ; List of claims to validate
 ; can be the name of a claim like "exp" or a tuple if the claim requires
@@ -190,26 +210,17 @@ database_prefix = userdb-
 port = {{backend_port}}
 bind_address = 127.0.0.1
 authentication_handlers = {couch_httpd_auth, cookie_authentication_handler}, {couch_httpd_auth, default_authentication_handler}
-secure_rewrites = true
-allow_jsonp = false
+
 ; Options for the MochiWeb HTTP server.
 ;server_options = [{backlog, 128}, {acceptor_pool_size, 16}]
 ; For more socket options, consult Erlang's module 'inet' man page.
 ;socket_options = [{recbuf, undefined}, {sndbuf, 262144}, {nodelay, true}]
 socket_options = [{sndbuf, 262144}]
-enable_cors = false
-enable_xframe_options = false
-; CouchDB can optionally enforce a maximum uri length;
-; max_uri_length = 8000
-; changes_timeout = 60000
-; config_whitelist = 
-; max_uri_length = 
-; rewrite_limit = 100
-; x_forwarded_host = X-Forwarded-Host
-; x_forwarded_proto = X-Forwarded-Proto
-; x_forwarded_ssl = X-Forwarded-Ssl
-; Maximum allowed http request size. Applies to both clustered and local port.
-max_http_request_size = 4294967296 ; 4GB
+
+; These settings were moved to [chttpd]
+; secure_rewrites, allow_jsonp, enable_cors, enable_xframe_options,
+; max_uri_length, changes_timeout, config_whitelist, rewrite_limit,
+; x_forwarded_host, x_forwarded_proto, x_forwarded_ssl, max_http_request_size
 
 ; [httpd_design_handlers]
 ; _view = 

src/chttpd/src/chttpd.erl

@@ -416,7 +416,8 @@ possibly_hack(Req) ->
     Req.
 
 check_request_uri_length(Uri) ->
-    check_request_uri_length(Uri, config:get("httpd", "max_uri_length")).
+    check_request_uri_length(Uri,
+        chttpd_util:get_chttpd_config("max_uri_length")).
 
 check_request_uri_length(_Uri, undefined) ->
     ok;
@@ -586,7 +587,8 @@ path(#httpd{mochi_req=MochiReq}) ->
     MochiReq:get(path).
 
 absolute_uri(#httpd{mochi_req=MochiReq, absolute_uri = undefined}, Path) ->
-    XHost = config:get("httpd", "x_forwarded_host", "X-Forwarded-Host"),
+    XHost = chttpd_util:get_chttpd_config(
+        "x_forwarded_host", "X-Forwarded-Host"),
     Host = case MochiReq:get_header_value(XHost) of
         undefined ->
             case MochiReq:get_header_value("Host") of
@@ -601,12 +603,12 @@ absolute_uri(#httpd{mochi_req=MochiReq, absolute_uri = undefined}, Path) ->
             end;
         Value -> Value
     end,
-    XSsl = config:get("httpd", "x_forwarded_ssl", "X-Forwarded-Ssl"),
+    XSsl = chttpd_util:get_chttpd_config("x_forwarded_ssl", "X-Forwarded-Ssl"),
     Scheme = case MochiReq:get_header_value(XSsl) of
         "on" -> "https";
         _ ->
-            XProto = config:get("httpd", "x_forwarded_proto",
-                "X-Forwarded-Proto"),
+            XProto = chttpd_util:get_chttpd_config(
+                "x_forwarded_proto", "X-Forwarded-Proto"),
             case MochiReq:get_header_value(XProto) of
                 % Restrict to "https" and "http" schemes only
                 "https" -> "https";
@@ -648,8 +650,8 @@ body(#httpd{mochi_req=MochiReq, req_body=ReqBody}) ->
     case ReqBody of
         undefined ->
             % Maximum size of document PUT request body (4GB)
-            MaxSize =  config:get_integer("httpd", "max_http_request_size",
-                4294967296),
+            MaxSize = chttpd_util:get_chttpd_config_integer(
+                "max_http_request_size", 4294967296),
             Begin = os:timestamp(),
             try
                 MochiReq:recv_body(MaxSize)
@@ -1028,7 +1030,7 @@ error_headers(#httpd{mochi_req=MochiReq}=Req, 401=Code, ErrorStr, ReasonStr) ->
     % this is where the basic auth popup is triggered
     case MochiReq:get_header_value("X-CouchDB-WWW-Authenticate") of
     undefined ->
-        case config:get("httpd", "WWW-Authenticate", undefined) of
+        case chttpd_util:get_chttpd_config("WWW-Authenticate") of
         undefined ->
             % If the client is a browser and the basic auth popup isn't turned on
             % redirect to the session page.
@@ -1226,7 +1228,7 @@ stack_hash(Stack) ->
 %% this value to 0 to restore the older behavior of sending each row in a
 %% dedicated chunk.
 chunked_response_buffer_size() ->
-    config:get_integer("httpd", "chunked_response_buffer", 1490).
+    chttpd_util:get_chttpd_config_integer("chunked_response_buffer", 1490).
 
 basic_headers(Req, Headers0) ->
     Headers = Headers0

src/chttpd/src/chttpd_cors.erl

@@ -280,7 +280,7 @@ allow_credentials(Config, Origin) ->
 get_cors_config(#httpd{cors_config = undefined, mochi_req = MochiReq}) ->
     Host = couch_httpd_vhost:host(MochiReq),
 
-    EnableCors = config:get("httpd", "enable_cors", "false") =:= "true",
+    EnableCors = chttpd_util:get_chttpd_config_boolean("enable_cors", false),
     AllowCredentials = cors_config(Host, "credentials", "false") =:= "true",
 
     AllowHeaders = case cors_config(Host, "headers", undefined) of

src/chttpd/src/chttpd_external.erl

@@ -59,7 +59,8 @@ json_req_obj_field(<<"headers">>, #httpd{mochi_req=Req}, _Db, _DocId) ->
     Hlist = mochiweb_headers:to_list(Headers),
     to_json_terms(Hlist);
 json_req_obj_field(<<"body">>, #httpd{req_body=undefined, mochi_req=Req}, _Db, _DocId) ->
-    MaxSize = config:get_integer("httpd", "max_http_request_size", 4294967296),
+    MaxSize = chttpd_util:get_chttpd_config_integer(
+        "max_http_request_size", 4294967296),
     try
         Req:recv_body(MaxSize)
     catch exit:normal ->

src/chttpd/src/chttpd_node.erl

@@ -137,7 +137,8 @@ handle_node_req(#httpd{path_parts=[_, Node | PathParts],
     {_, Query, Fragment} = mochiweb_util:urlsplit_path(RawUri),
     NewPath0 = "/" ++ lists:join("/", [couch_util:url_encode(P) || P <- PathParts]),
     NewRawPath = mochiweb_util:urlunsplit_path({NewPath0, Query, Fragment}),
-    MaxSize =  config:get_integer("httpd", "max_http_request_size", 4294967296),
+    MaxSize = chttpd_util:get_chttpd_config_integer(
+        "max_http_request_size", 4294967296),
     NewOpts = [{body, MochiReq0:recv_body(MaxSize)} | MochiReq0:get(opts)],
     Ref = erlang:make_ref(),
     MochiReq = mochiweb_request:new({remote, self(), Ref},

src/chttpd/src/chttpd_rewrite.erl

@@ -28,7 +28,7 @@
 
 handle_rewrite_req(#httpd{}=Req, Db, DDoc) ->
     RewritesSoFar = erlang:get(?REWRITE_COUNT),
-    MaxRewrites = config:get_integer("httpd", "rewrite_limit", 100),
+    MaxRewrites = chttpd_util:get_chttpd_config_integer("rewrite_limit", 100),
     case RewritesSoFar >= MaxRewrites of
         true ->
             throw({bad_request, <<"Exceeded rewrite recursion limit">>});
@@ -442,12 +442,13 @@ path_to_list([<<>>|R], Acc, DotDotCount) ->
 path_to_list([<<"*">>|R], Acc, DotDotCount) ->
     path_to_list(R, [?MATCH_ALL|Acc], DotDotCount);
 path_to_list([<<"..">>|R], Acc, DotDotCount) when DotDotCount == 2 ->
-    case config:get("httpd", "secure_rewrites", "true") of
-    "false" ->
-        path_to_list(R, [<<"..">>|Acc], DotDotCount+1);
-    _Else ->
-        couch_log:notice("insecure_rewrite_rule ~p blocked", [lists:reverse(Acc) ++ [<<"..">>] ++ R]),
-        throw({insecure_rewrite_rule, "too many ../.. segments"})
+    case chttpd_util:get_chttpd_config_boolean("secure_rewrites", true) of
+        false ->
+            path_to_list(R, [<<"..">>|Acc], DotDotCount+1);
+        true ->
+            couch_log:notice("insecure_rewrite_rule ~p blocked",
+                [lists:reverse(Acc) ++ [<<"..">>] ++ R]),
+            throw({insecure_rewrite_rule, "too many ../.. segments"})
     end;
 path_to_list([<<"..">>|R], Acc, DotDotCount) ->
     path_to_list(R, [<<"..">>|Acc], DotDotCount+1);

src/chttpd/src/chttpd_util.erl

@@ -0,0 +1,39 @@
+% Licensed under the Apache License, Version 2.0 (the "License"); you may not
+% use this file except in compliance with the License. You may obtain a copy of
+% the License at
+%
+%   http://www.apache.org/licenses/LICENSE-2.0
+%
+% Unless required by applicable law or agreed to in writing, software
+% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+% License for the specific language governing permissions and limitations under
+% the License.
+
+-module(chttpd_util).
+
+
+-export([
+    get_chttpd_config/1,
+    get_chttpd_config/2,
+    get_chttpd_config_integer/2,
+    get_chttpd_config_boolean/2
+]).
+
+
+get_chttpd_config(Key) ->
+    config:get("chttpd", Key, config:get("httpd", Key)).
+
+
+get_chttpd_config(Key, Default) ->
+    config:get("chttpd", Key, config:get("httpd", Key, Default)).
+
+
+get_chttpd_config_integer(Key, Default) ->
+    config:get_integer("chttpd", Key,
+        config:get_integer("httpd", Key, Default)).
+
+
+get_chttpd_config_boolean(Key, Default) ->
+    config:get_boolean("chttpd", Key,
+        config:get_boolean("httpd", Key, Default)).

src/chttpd/src/chttpd_xframe_options.erl

@@ -71,7 +71,8 @@ check_host(#httpd{mochi_req = MochiReq} = Req, Config) ->
 
 
 get_xframe_config(#httpd{xframe_config = undefined}) ->
-    EnableXFrame = config:get("httpd", "enable_xframe_options", "false") =:= "true",
+    EnableXFrame = chttpd_util:get_chttpd_config_boolean(
+        "enable_xframe_options", false),
     SameOrigin = config:get("x_frame_options", "same_origin", "false") =:= "true",
     AcceptedHosts = case config:get("x_frame_options", "hosts") of
         undefined -> [];

src/chttpd/test/eunit/chttpd_util_test.erl

@@ -0,0 +1,107 @@
+% Licensed under the Apache License, Version 2.0 (the "License"); you may not
+% use this file except in compliance with the License. You may obtain a copy of
+% the License at
+%
+%   http://www.apache.org/licenses/LICENSE-2.0
+%
+% Unless required by applicable law or agreed to in writing, software
+% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+% License for the specific language governing permissions and limitations under
+% the License.
+
+-module(chttpd_util_test).
+
+
+-include_lib("couch/include/couch_eunit.hrl").
+-include("chttpd_test.hrl").
+
+
+setup() ->
+    ok = config:set("httpd", "both_exist", "get_in_httpd", _Persist = false),
+    ok = config:set("chttpd", "both_exist", "get_in_chttpd", _Persist = false),
+    ok = config:set("httpd", "httpd_only", "true", _Persist = false),
+    ok = config:set("chttpd", "chttpd_only", "1", _Persist = false).
+
+
+teardown(_) ->
+    ok = config:delete("httpd", "both_exist", _Persist = false),
+    ok = config:delete("chttpd", "both_exist", _Persist = false),
+    ok = config:delete("httpd", "httpd_only", _Persist = false),
+    ok = config:delete("chttpd", "chttpd_only", _Persist = false).
+
+
+chttpd_util_config_test_() ->
+    {
+        "chttpd util config tests",
+        {
+            setup,
+            fun test_util:start_couch/0,
+            fun test_util:stop_couch/1,
+            {
+                foreach,
+                fun setup/0,
+                fun teardown/1,
+                [
+                    ?TDEF_FE(test_behavior),
+                    ?TDEF_FE(test_with_undefined_option),
+                    ?TDEF_FE(test_with_httpd_option),
+                    ?TDEF_FE(test_with_chttpd_option),
+                    ?TDEF_FE(test_with_chttpd_option_which_moved_from_httpd),
+                    ?TDEF_FE(test_get_chttpd_config_integer),
+                    ?TDEF_FE(test_get_chttpd_config_boolean)
+                ]
+            }
+        }
+    }.
+
+
+test_behavior(_) ->
+    ?assertEqual("get_in_chttpd", chttpd_util:get_chttpd_config("both_exist")),
+    ?assertEqual(1, chttpd_util:get_chttpd_config_integer("chttpd_only", 0)),
+    ?assert(chttpd_util:get_chttpd_config_boolean("httpd_only", false)).
+
+
+test_with_undefined_option(_) ->
+    ?assertEqual(undefined, chttpd_util:get_chttpd_config("undefined_option")),
+    ?assertEqual(abc, chttpd_util:get_chttpd_config("undefined_option", abc)),
+    ?assertEqual(123, chttpd_util:get_chttpd_config("undefined_option", 123)),
+    ?assertEqual(0.2, chttpd_util:get_chttpd_config("undefined_option", 0.2)),
+    ?assertEqual("a", chttpd_util:get_chttpd_config("undefined_option", "a")),
+    ?assertEqual("", chttpd_util:get_chttpd_config("undefined_option", "")),
+    ?assert(chttpd_util:get_chttpd_config("undefined_option", true)),
+    ?assertNot(chttpd_util:get_chttpd_config("undefined_option", false)).
+
+
+test_with_httpd_option(_) ->
+    ?assertEqual("{couch_httpd_auth, cookie_authentication_handler}, " ++
+            "{couch_httpd_auth, default_authentication_handler}",
+                    chttpd_util:get_chttpd_config("authentication_handlers")).
+
+
+test_with_chttpd_option(_) ->
+    ?assertEqual("512", chttpd_util:get_chttpd_config("backlog")),
+    ?assertEqual("512", chttpd_util:get_chttpd_config("backlog", 123)),
+    ?assertEqual(512, chttpd_util:get_chttpd_config_integer("backlog", 123)),
+    ?assertEqual("false",
+        chttpd_util:get_chttpd_config("require_valid_user")),
+    ?assertEqual("false",
+        chttpd_util:get_chttpd_config("require_valid_user", "true")),
+    ?assertEqual(false,
+        chttpd_util:get_chttpd_config_boolean("require_valid_user", true)).
+
+
+test_with_chttpd_option_which_moved_from_httpd(_) ->
+    ?assertEqual(undefined, chttpd_util:get_chttpd_config("max_uri_length")),
+    ?assertEqual(8000, chttpd_util:get_chttpd_config("max_uri_length", 8000)),
+    ?assertEqual(undefined, chttpd_util:get_chttpd_config("WWW-Authenticate")),
+    ?assert(chttpd_util:get_chttpd_config("enable_cors", true)).
+
+
+test_get_chttpd_config_integer(_) ->
+    ?assertEqual(123,
+        chttpd_util:get_chttpd_config_integer("max_http_request_size", 123)).
+
+
+test_get_chttpd_config_boolean(_) ->
+    ?assert(chttpd_util:get_chttpd_config_boolean("allow_jsonp", true)).

src/couch/src/couch_changes.erl

@@ -370,9 +370,8 @@ get_changes_timeout(Args, Callback) ->
         timeout = Timeout,
         feed = ResponseType
     } = Args,
-    DefaultTimeout = list_to_integer(
-        config:get("httpd", "changes_timeout", "60000")
-    ),
+    DefaultTimeout = chttpd_util:get_chttpd_config_integer(
+        "changes_timeout", 60000),
     case Heartbeat of
     undefined ->
         case Timeout of