cocoon-docs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From stev...@outerthought.org
Subject [WIKI-UPDATE] DocsWishlist Security Sun Aug 10 12:00:03 2003
Date Sun, 10 Aug 2003 10:00:03 GMT
Page: http://wiki.cocoondev.org/Wiki.jsp?page=DocsWishlist , version: 19 on Sun Aug 10 09:10:48
2003 by JoergHeinicke

- *A page describing issues about Cocoon security, including sitemap issues such as utilising
"internal-only" pipelines to prevent access to important resources (e.g. see [email discussion|http://marc.theaimsgroup.com/?l=xml-cocoon-dev&m=104561320205671])
-- [David Crossley]
+ *A page describing issues about Cocoon [security], including sitemap issues such as utilising
"internal-only" pipelines to prevent access to important resources (e.g. see [email discussion|http://marc.theaimsgroup.com/?l=xml-cocoon-dev&m=104561320205671])
-- [David Crossley]
?                                        +        +



Page: http://wiki.cocoondev.org/Wiki.jsp?page=Security , version: 2 on Sun Aug 10 09:17:31
2003 by JoergHeinicke

+ * internal pipelines (not reachable from outside, but with cocoon: pseudo protocol): {{<map:pipeline
internal-only="true"/>}}
+ * issues with paths, e.g. a {{showfile}} page where request param {{file}} specifies the
file to show:
+ {{{
+ <map:match pattern="showfile">
+   <map:act type="request">
+     <map:parameter name="parameters" value="true"/>
+     <map:read src="{file}" mime-type="text/plain"/>
+   </map:act>
+ </map:match>
+ }}}
- 



Mime
View raw message