Dear TEI-Community,

thank you for offering an increasing number of documents stored in outstanding great databases like eXist-db and available via REST. Would those guys using eXist-db consider to capture&redirect the "_query" parameter (or at least a set of function names) to avoid offering an open proxy like in this example:;response:stream-binary(%20xs:base64Binary(%20data(httpclient:get(xs:anyURI(%22,%20false(),%20())//httpclient:body))%20,%20%22image/jpg%22)

If you are using Apache you might want to

        RewriteEngine on
        RewriteCond %{QUERY_STRING} _query=
        RewriteRule (.*) $1? [R=permanent]

Mathias Göbel
Research and Development

Georg-August-Universität Göttingen
Göttingen State and University Library
D-37070 Göttingen

Papendiek 14 (hist. building, room 2.408)
+49 551 39-20184 (Tel.)
+49 551 39-33856 (Fax.)

[log in to unmask]