Security and Privacy

PRIO 2 Application Security

open

  • Avoid DoS Attacks
    • The Sling, CQ and dispatcher concept is very vulnerable to DoS attacks by default
    • Think about a generic concept to allow only the selectors and suffixes "allowed" by the application (e.g. via regexp patterns)
    • Be compatible with the URL fingerprinting concepts of the HTML library manager
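
One way to model the selector and suffix allowlist described in the list above, as an added example that is not part of the original page or of Sling/CQ. The rule patterns, the paths and the hex fingerprint selector format are assumptions, and the resource path is assumed to contain no dots (real Sling resolves it against the repository first).

```python
"""Allowlist check for Sling-style selectors and suffixes (added example)."""
import re

# Hypothetical per-application rules: (path, selectors, extension, suffix).
# All four patterns must fully match for a request to be accepted.
RULES = [
    # Content pages: no selector or an optional "print" selector, no suffix.
    (r"/content/.*", r"(print)?", r"html", r""),
    # Search component: "results" selector with one short suffix segment.
    (r"/content/.*/search", r"results", r"html", r"/[a-z0-9-]{1,32}"),
    # Client libraries: optional "min" and an assumed hex fingerprint selector,
    # so fingerprinted URLs keep working while other selectors are refused.
    (r"/etc/clientlibs/.*", r"((min\.)?[0-9a-f]{8,40}|min)?", r"(js|css)", r""),
]
COMPILED = [tuple(re.compile(p) for p in rule) for rule in RULES]


def decompose(url_path):
    """Split a URL path into (resource path, selectors, extension, suffix).

    Simplification: the resource path ends at the first dot in the URL.
    """
    head, dot, rest = url_path.partition(".")
    if not dot:
        return url_path, "", "", ""
    names, slash, suffix = rest.partition("/")
    selectors, _, extension = names.rpartition(".")
    return head, selectors, extension, slash + suffix


def is_allowed(url_path):
    """True only if some rule fully matches every part of the URL."""
    parts = decompose(url_path)
    return any(
        all(rx.fullmatch(part) for rx, part in zip(rule, parts))
        for rule in COMPILED
    )
```
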

PRIO 2 Cookie Policies

open

  • Allow suppression of "non-technical" cookies by users / cookie warnings
  • Research the capabilities of the new built-in Cookie Management features of CQ6 first