I agree, there's no need to place .java files, the .class files under
/WEB-INF/ are sufficient.
Unless you're writing an Applet, which has to exist outside /WEB-INF/
, all other classes are protected from browser/ client access when
they're under /WEB-INF/
-Rashmi
On 5/19/07, Pid <[EMAIL PROTEC
This is less programmatical than pragmatical but you could try not
putting your .java files on the web server...
:oP
Lucas Galfaso wrote:
I think that a new servlet to filter these files is not the proper
approach, and you should use a filter :)
- LG
On 5/18/07, Milanez, Marcus <[EMAIL PROT
I'll second that one.
A basic filter that checks the request for .bak, .java, .whatever is
relatively easy and transparent (you don't have to change even one line
of your existing code). When you find one of those banned extensions,
just return a 403 (forbidden) or 404 (not found) on the resp
I think that a new servlet to filter these files is not the proper
approach, and you should use a filter :)
- LG
On 5/18/07, Milanez, Marcus <[EMAIL PROTECTED]> wrote:
Is it possible to prevent the request os unwatned extensions, like
*.bak, *.java and so on, through web.xml file? My solution w
On 5/18/07, Milanez, Marcus <[EMAIL PROTECTED]> wrote:
In fact I don't have this files in my server. The thing is, whenever I
invke URLs that matches /dwr/anyFile.java, I get a positive DWR answer,
as if I had such files in my server.
What do you mean by "positive answer"?
I just happened to
> From: Milanez, Marcus [mailto:[EMAIL PROTECTED]
> Subject: RES: Prevent unwanted requests
>
> In fact I don't have this files in my server. The thing is, whenever I
> invke URLs that matches /dwr/anyFile.java, I get a positive
> DWR answer,
> as if I had such files in my server.
Don't confuse
> From: Milanez, Marcus [mailto:[EMAIL PROTECTED]
> Subject: Prevent unwanted requests
>
> Is it possible to prevent the request os unwatned extensions, like
> *.bak, *.java and so on, through web.xml file?
The real question is: Why do have .java, etc., files in accessible
locations? If you kee
