psu-libraries / scholarsphere-3

A web application for ingest, curation, search, and display of digital assets. Powered by Hydra technologies (Rails, Hydra-head, Blacklight, Solr, Fedora Commons, etc.)
Apache License 2.0

Add filters for bad urls #1524

Open carolyncole opened 5 years ago

carolyncole commented 5 years ago

You will want to compile a list of valid URLs for your app. Anything other than this is simply dropped. Here is what is used in ETDA Workflow:

```apache
RewriteCond %{REQUEST_URI} !/$
RewriteCond %{REQUEST_URI} !^/about
RewriteCond %{REQUEST_URI} !^/admin
RewriteCond %{REQUEST_URI} !^/assets
RewriteCond %{REQUEST_URI} !^/author
RewriteCond %{REQUEST_URI} !^/committee_members
RewriteCond %{REQUEST_URI} !^/cosign
RewriteCond %{REQUEST_URI} !^/favicon.ico
RewriteCond %{REQUEST_URI} !^/login
RewriteCond %{REQUEST_URI} !^/logout
RewriteCond %{REQUEST_URI} !^/robots.txt
```

As you can see, it is more than just what you see in routes; you might have something for /binaries, etc. We can push your changes to QA and then have you run the full test suite against it to see if anything breaks.
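One way to check a candidate allowlist against request paths before it goes to QA, as an added example that is not part of the original comment or of the ETDA configuration. It evaluates the patterns the way mod_rewrite does (unanchored regex search, negated conditions ANDed) and assumes the RewriteRule that follows the conditions, which the comment does not show, drops any request matching none of them. The sample paths and `STRICT_PATTERNS` are constructed for illustration.

```python
import re

# Patterns copied from the RewriteCond lines in the comment, minus the leading
# "!" negation. mod_rewrite applies each one as an unanchored regex search.
ALLOW_PATTERNS = [
    r"/$", r"^/about", r"^/admin", r"^/assets", r"^/author",
    r"^/committee_members", r"^/cosign", r"^/favicon.ico",
    r"^/login", r"^/logout", r"^/robots.txt",
]

# Hypothetical tightened variant (an assumption about intent, not from the
# issue): root only, whole path segments, literal dots in file names.
STRICT_PATTERNS = [
    r"^/$",
    r"^/(about|admin|assets|author|committee_members|cosign|login|logout)(/|$)",
    r"^/favicon\.ico$",
    r"^/robots\.txt$",
]

def is_allowed(uri, patterns=ALLOW_PATTERNS):
    """True if the path matches at least one pattern.

    The negated conditions are ANDed, so the (assumed) drop rule fires only
    when the path matches none of the patterns.
    """
    return any(re.search(p, uri) for p in patterns)

def audit(uris, patterns=ALLOW_PATTERNS):
    """Map each request path to 'pass' or 'drop' under the given patterns."""
    return {u: ("pass" if is_allowed(u, patterns) else "drop") for u in uris}

# Constructed sample paths: real prefixes, a route missing from the list
# (/binaries, mentioned in the comment), and near-misses of listed patterns.
SAMPLE = ["/", "/about", "/admin/users", "/assets/app.css", "/favicon.ico",
          "/binaries/123", "/unknown/", "/aboutXYZ", "/faviconXico"]

if __name__ == "__main__":
    loose, strict = audit(SAMPLE), audit(SAMPLE, STRICT_PATTERNS)
    for uri in SAMPLE:
        print(f"{uri:20} as posted: {loose[uri]:5} strict: {strict[uri]}")
```

Paths that pass the posted list but drop under the strict one show where a pattern is looser than a route prefix: `/$` admits any path ending in a slash, and an unescaped `.` matches any character.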