> (Don't ask me what I think of stupid operating systems that
> accept "//" in a
> pathname and simply ignore them like Linux does ... grrr).
SGI IRIX 6.5.8 and FreeBSD 4.1-STABLE also behave the same way, I would
expect all Unix machines to do the same.
-Dave
Luc Vanlerberghe wrote:
> Wouldn't it be a better idea NOT to expand the contents of the WEB-INF
> and META-INF directories along with the rest of the webapp and expand
> them into some other directory instead?
>
It would certainly be possible to do this, but I'm not sure it would help any on
th
Wouldn't it be a better idea NOT to expand the contents of the WEB-INF
and META-INF directories along with the rest of the webapp and expand
them into some other directory instead?
Instead of making everything available and try to restrict access
afterwards, it would be much safer not to make it
Jon Stevens wrote:
> on 12/9/2000 7:07 PM, "[EMAIL PROTECTED]"
> <[EMAIL PROTECTED]> wrote:
>
> > +(jspFile.toUpperCase().indexOf("/WEB-INF/") != 0) ||
> > +(jspFile.toUpperCase().indexOf("/META-INF/") != 0))
>
> Seems like it would be better to define this as a constant s
on 12/9/2000 7:07 PM, "[EMAIL PROTECTED]"
<[EMAIL PROTECTED]> wrote:
> +(jspFile.toUpperCase().indexOf("/WEB-INF/") != 0) ||
> +(jspFile.toUpperCase().indexOf("/META-INF/") != 0))
Seems like it would be better to define this as a constant somewhere...
public static final
