Hi, I just skimmed through it, and maybe I am missing something. But it sounds and looks like by default it allows anyone to go anywhere?
I realize we will not be shipping this by default, but I don't think that's a good idea anyway. We should include a regex filter from the start (can be simple, set in an environment variable) and have the default configuration deny all requests. Otherwise we will be tempting spammers and script kiddies, and if you pay for excessive bandwidth it can get ugly quite fast. -Arne David Winslow wrote: > Hey all, > > In order to simplify deployment of OpenLayers applications on top of > GeoServer, I would like to create a community module on trunk that > mimics the proxy.cgi script that is often used with OpenLayers. > Basically, this script accepts a URL as a query parameter and forwards > the request to another server, allowing OpenLayers applications to load > feature data and other resources from servers other than the one hosting > the application. The script would eventually allow for host-based and > mimetype-based filtering of proxied requests to help admins prevent > abuse. > > If there are no objections I'd like to get this into SVN later today. > > -- > David Winslow > OpenGeo - http://opengeo.org/ > > > ------------------------------------------------------------------------------ > Crystal Reports - New Free Runtime and 30 Day Trial > Check out the new simplified licensing option that enables unlimited > royalty-free distribution of the report engine for externally facing > server and web deployment. > http://p.sf.net/sfu/businessobjects > _______________________________________________ > Geoserver-devel mailing list > Geoserver-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/geoserver-devel > ------------------------------------------------------------------------------ Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects _______________________________________________ Geoserver-devel mailing list Geoserver-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-devel
