$Defaultnav is just the beginning. *?readviewentries* can reveal some documents you might be trying to hide with a blank $viewtemplatedefault.
Someone pointed the $defaulnav use could allow anyone to query you view names in case you didn't have a $defaultnav view or you don't redirect users querying the $defaultnav of a view to some others page (using a blank $viewtemplatedefault won't help)
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Well we $defaultnav you're able to get all the view names, now if you try to display the view directly the $defaultnav will be "triggered" and you'll see nothing, but what you can do to see all public documents is replace the
http://server/db/view?openview by http://server/db/view?readviewentries
This will allow you to see all the precious notesid of all the documents in the view that you were trying to hide.
?readviewentries is a nice feature, but you don't want people to see all your public documents this way.
To prevent I suggest doing the same as for $defaultnav a URL redirect to some other page.
Create and URL redirect for all incoming
*?readviewentries* to somepage.htm