...
it was slow. If a user, anywhere in the world was doing a large SDR search on the public component of the website, response times were slowed down for all users
The public SDR component of the system did not have a 1000 record limit then.
The TC Firewall ( at that point in time ) was extremely limiting, sessions would die in the middle of searches and saves
Frequent There were frequent site outages
So it was decided, in April 2010, to setup an internal site for TC Users, to avoid internal users employees having to compete for resources.
...
It was considered making CAWIS “external” only again during the WCAG conversion in 2018, but an internal site was ultimately setup to accommodate security concerns expressed by SSC in September 2017.
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
Some other results of this review were
to ensure certain attachment types were not found on any of the attachment tables for each subsystem
to ensure anything perceived as HTML code, was not found - or permitted to be added - to any table containing text input fields
The main differences between the External and Internal sites are as follows :
The Transportation Safety Board (TSB) projects DO NOT appear on the CAWIS menu at all, due to the fact that it contains Protected “B” documents.
The ADMIN/CODE maintenance subsystem has no options other than to purge the browser cache, to test updates of onscreen messaging
CAWIS EXTERNAL
http//www.tc.gc.ca/cawis-swimn (vanity URL - this is used in a great deal of documentation )
https//wwwapps.tc.gc.ca/saf-sec-sur/2/cawis-swimn
...