Hi,
I just noticed I can access a disturbing amount of files through the assets/ path from my application. The user guide for 5.0 states that Tapestry automatically blocks access to all assets and only whitelists critical Tapestry files http://tapestry.apache.org/tapestry5.0/guide/assets.html . However, looking at the 5.1 guide there is no mention of security like in the 5.0 guide. I haven't made any contributions to an AssetPathAuthorizer or even known about them, so I don't think I've done something to specifically allow access to the files via Tapestry code. How can I get the files in my classpath and web context blocked?
Thanks, Rich --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
