From: Leo Donahue - PLANDEVX [mailto:leodona...@mail.maricopa.gov] Subject: RE: WEB-INF
> I want to understand why it is a good practice to place > them in WEB-INF To avoid uncontrolled access to your code. For example, if the resources were in a client-accessible area, the resource would have to protect itself against ill-formatted or antagonistic input; if the resource is only accessible to trusted callers (e.g., filters or servlets), the burden of validation can be on the visible component, and the logic in the non-visible resource can be simpler. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
