Hi Edward, It is mostly impossible : when the user's browser parses a line like this : <SCRIPT language=javascript src="http://192.168.39.143:8080/test/system. js"> It must request and download the file "system.js" so that it can execute it on the user's computer. If you block access to this file, even the browsers won't be able to get the script and this will result in probably unwanted behavior of your page.
There has already been a discussion on "hiding code to the users" on this list. And the major question which came up was : "Why the heck would you hide code to the user?" Now I'm asking you that question : why? Hope that helps, -- David -----Original Message----- From: A mailing list about Java Server Pages specification and reference [mailto:[EMAIL PROTECTED]] On Behalf Of Edward King Sent: 5 septembre, 2002 03:19 To: [EMAIL PROTECTED] Subject: How to protect file from download in JSP? I have a JSP file and I deploy it with Apache Tomcat.For example,test.jsp is follows: <%@page contentType="text/html> <%@page language="java" %> <html> <head> <title>test</title> <SCRIPT language=javascript src="http://192.168.39.143:8080/test/system.js";> </SCRIPT> </head> <body> <B><font size=9 color=red>���ӽ�Ŀָ��ϵͳ</font></B> </body> </html> When user visit this test.jsp,he may view this JSP source code by use IE6-View-Source File function and found this source code,then input http://192.168.39.143:8080/test/system.js in IE6 address,he can download my system.js file.But I want to protect my system.js content,how to do it? Thanks in advance! Edward King ==========================================================================To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST". Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com
