[Glass] security / dos attacks
otto at finworks.biz
Mon Jan 13 03:01:01 PST 2014
> I did a bit of research and found that there are tools for filtering the
> output of a web application like Apache's mod_security.
> So we shouldn't bother about the "keep it a secret" stuff on the Smalltalk
> side. This can be handled by your frontend http server.
> This means it is important for Seaside or better the http adaptors beneath
> it (Zinc, KOM, Server Smalltalk in VAST, whatever) to do proper error
> handling and respond with codes in the 4xx-5xx range. Everything else is
> somebody else's problem.
More information about the Glass