cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From H.vanderLin...@MI.unimaas.nl
Subject RE: [RT] Escaping Sitemap Hell - side note
Date Thu, 06 Jan 2005 08:29:14 GMT
Daniel,

First off: great post. I agree with your ideas and reading through this post
I realised I have tried implementing my URL space along these lines, ending
up with a huge and very unclear sitemap, so every improvement is welcome.

However, the example below is a bad one from a privacy/security POV:

> The idea is that an URL identifies a resource. For the patient case 
> above it could be:
> http://myhospital.com/person/123456789

In medical software your should always be aware that you will never expose
identifying information to unauthorized persons. Therefore the above URL
would be usable only in an environment where no unauthorized access to the
software or even view of the screen is possible.

Yes, I know that the first thing most medical software does is put some
identifying data of the patient on the screen (such as name, address, gender
and DOB) and often the ID in the current system as well. This is partly
necessary (except for the ID part), but it should never ever be part of a
cool URL that can be bookmarked or otherwise be addressed directly or stored
outside the application.

In short, the ideas of cool URLs is great, but the implementation domain
might require otherwise.

Bye, Helma


Mime
View raw message