Skip to content

Commit

Permalink
Detect deep rewrites
Browse files Browse the repository at this point in the history
  • Loading branch information
@jhs
jhs committed Feb 21, 2011
1 parent d6e66e8 commit 5d42a9d
Showing 1 changed file with 23 additions and 1 deletion.
24 changes: 23 additions & 1 deletion audit_couchdb.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,11 +28,33 @@ function CouchAudit(url) {
})

self.on('ddoc', function(db_url, ddoc, info) {
var ddoc_url = lib.join(db_url, ddoc._id);

if(ddoc.language !== info.view_index.language)
throw new Error("Different languages in ddoc vs. index info: " + JSON.stringify(info) + " vs. language = " + JSON.stringify(ddoc.language));

if(ddoc.language !== 'javascript')
this.medium("Non-standard language '" + ddoc.language + '": ' + lib.join(db_url, ddoc._id));
this.medium("Non-standard language '" + ddoc.language + '": ' + ddoc_url);

// Detect unsafe rewrites.
(ddoc.rewrites || []).forEach(function(rule) {
var parts = rule.to.split(/\//);

var depth = 0
, minimum_depth = 0;
parts.forEach(function(part) {
depth += (part === '..' ? -1 : 1);
if(depth < minimum_depth)
minimum_depth = depth;
})

if(minimum_depth === -2)
self.low("Database-level rewrite " + JSON.stringify(rule) + ": " + ddoc_url);
else if(minimum_depth === -3)
self.medium("Root-level rewrite " + JSON.stringify(rule) + ": " + ddoc_url);
else if(minimum_depth < -3)
self.high("Unknown rewrite " + JSON.stringify(rule) + ": " + ddoc_url);
})
})

self.on('end', function() {
Expand Down

0 comments on commit 5d42a9d

Please sign in to comment.