From: James F. <jam...@gm...> - 2010-01-05 14:57:12

Completely agree with Adam's responses; it's unwise to expose functionality, which is probably what eXist is doing if it's not configured correctly, especially in critical production systems. This is typical of any large, complicated server 'thing' on the internet and not something specific to eXist.

As mentioned in previous responses, I tend to use the following stack:

* iptables
* squid (or some other caching layer)
* apache with mod_security
* eXist

Note all of the above could be on different boxes with certain network restrictions, etc. etc.

I would like to add that though the eXist dev team tries its best to make sure things are not insecure, the next step in sophistication would be to include a vulnerability checking target to test trunk ... using the variety of open source vuln checkers out there. We could also perform static analysis on the code ... perhaps all for future releases.

Jim Fuller
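The "network restrictions" layer of the stack above, as an added illustration that is not part of Jim's message or of the eXist project: a small POSIX shell script that emits (or, with `--apply`, installs) iptables rules so the eXist host accepts connections to the database port only from the reverse-proxy box, and drops everything else aimed at that port. The port (8080), the proxy address (10.0.0.10) and the function name `exist_firewall_rules` are assumptions chosen for the example, overridable through `EXIST_PORT` and `PROXY_IP`.

```shell
#!/bin/sh
# Added example, not code from the eXist project or the mailing-list author.
# Assumptions (labelled): eXist listens on TCP 8080 on the database host,
# the apache/mod_security proxy runs on 10.0.0.10, and every client must
# reach eXist through that proxy rather than directly.
EXIST_PORT="${EXIST_PORT:-8080}"
PROXY_IP="${PROXY_IP:-10.0.0.10}"

# Print the iptables commands that confine the eXist port to the proxy host.
# Printing first (instead of applying blindly) lets an operator review the
# rules before they touch a production box.
exist_firewall_rules() {
  cat <<EOF
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport ${EXIST_PORT} -s ${PROXY_IP} -j ACCEPT
iptables -A INPUT -p tcp --dport ${EXIST_PORT} -j DROP
EOF
}

# Count how many rules would DROP traffic to the eXist port; a sane rule
# set has exactly one catch-all DROP after the proxy ACCEPT.
exist_drop_rule_count() {
  exist_firewall_rules | grep -c -- "--dport ${EXIST_PORT} -j DROP"
}

# Default action is to print the rules; apply them only on explicit request
# (needs root and a netfilter-capable kernel).
if [ "${1:-}" = "--apply" ]; then
  exist_firewall_rules | while IFS= read -r rule; do
    $rule || exit 1
  done
else
  exist_firewall_rules
fi
```

Rule order matters here: the per-source ACCEPT for the proxy must precede the blanket DROP, otherwise the proxy itself is locked out. Equivalent restrictions belong on the proxy host in the other direction (only the squid/apache layer exposed to the internet), and binding eXist to a non-public interface gives a second, independent control if the firewall is ever flushed.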