Lists Home |
Date Index |
Michael Champion wrote:
> ...I would have to agree that
> security by obscurity is not something to rely on, but I'm not sure I
> would agree that advertising your internal architecture to potential
> hackers is a great idea either.
As hackers have just as much focus mucking about with plain ole web
sites, isn't that an argument for hiding your entire site behind
I don't see how defining a public URL space exposes any details about
my application structure. I've done it, for both human and machine
oriented interfaces, and you can't tell from the url structure or
response formats what my backend is doing. Or even if the entities in
the URI map 1:1 with entities in my database schema.