EPrints Technical Mailing List Archive

See the EPrints wiki for instructions on how to join this mailing list and related information.

Message: #09385


< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

Re: [EP-tech] Question on export formats in HTML header


CAUTION: This e-mail originated outside the University of Southampton.

On Tue, 5 Sept 2023 at 23:59, Martin Brändle <martin.braendle@uzh.ch> wrote:
>
> Hi David,
>
> thanks for the explanation. As bots (good or bad ones) may travel through these links, we think for a large repository this may offer quite a large attacking flank (number of items * number of export links).
>
> Kind regards,
>
> Martin

I think a general summary could be: anything that shouldn't be
discoverable, shouldn't be discoverable. If export plugins are exposed
to (unauthenticated) users through a public interface, then they're
discoverable by robots the same way. Maybe we could look into what
configurable options there are (or could be) about which plugins are
exposed in which ways.

At least good robots can be influenced using robots.txt, rel=nofollow, etc.

Cheers
--
  Matthew Kerwin
  https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmatthew.kerwin.net.au%2F&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cd46e6f48ef0340ce268508dbae683347%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C638295534776802536%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=hS%2FIisD%2BS2whT3zFMkNeA4YT5jAtRqLo5%2BwP%2BtYQDKs%3D&reserved=0