Security and Privacy
PRIO 2 Application Security
open
- Avoid DoS Attacks
- The Sling, CQ and dispatcher concept is very vulnerable for DoS Attacks by default
- Think about generic concept to allow only selectors and suffixes "allowed" by the application (e.g. by regexp patterns)
- Be compatible with URL fingerprinting concepts of HTML library manager
PRIO 2 Cookie Policies
open
- Allow suppression of "non-technical" cookies by uses / cookie warnings
- Research the capabilities of the new built-in Cookie Management features of CQ6 first