Re: Blocking direct access to JSPs

2005-01-29 Thread Dakota Jack
Dang, Kishore, you are relentless! I like that! You have the option of setting each tag with the value you want for these and programming them in, if you like.

On Sat, 29 Jan 2005 14:40:26 -0600, Kishore Senji <[EMAIL PROTECTED]> wrote:
> >response.setContentType(type);
> >response.setH

Re: Blocking direct access to JSPs

2005-01-29 Thread Kishore Senji
>response.setContentType(type);
>response.setHeader("Cache-Control", "");
>response.setHeader("Pragma", "");
>response.setHeader("Expires", "");
>response.addHeader("Content-Disposition","filename=" + name);

With the above headers, is caching turned on or off? Cache-Control is

Re: Blocking direct access to JSPs

2005-01-29 Thread Dakota Jack
On Sat, 29 Jan 2005 12:40:21 -0500, William Stranathan <[EMAIL PROTECTED]> wrote:
> Don't put your html resources, CSS, etc. under WEB-INF - just put the
> JSP's there. If your images or CSS or .js files have anything you need
> to protect from direct access (passwords - perish the thought!
> Pro

Re: Blocking direct access to JSPs

2005-01-29 Thread Dakota Jack
lastly, I think, notice that 'resource.do?file=Whatever.jpg' in is merely text, and so can be "nested" all you like. Jack -- "You can lead a horse to water but you cannot make it float on its back." ~Dakota Jack~ "You can't wake a person who is pretending to be asleep." ~Native Prover

Re: Blocking direct access to JSPs

2005-01-29 Thread Dakota Jack
Perhaps I should have added that you access the resources as follows: The rest should be obvious. Jack -- "You can lead a horse to water but you cannot make it float on its back." ~Dakota Jack~ "You can't wake a person who is pretending to be asleep." ~Native Proverb~ "Each man is good i

Re: Blocking direct access to JSPs

2005-01-29 Thread William Stranathan
Don't put your html resources, CSS, etc. under WEB-INF - just put the JSP's there. If your images or CSS or .js files have anything you need to protect from direct access (passwords - perish the thought! Proprietary information?), put them under WEB-INF and use DownloadAction to send them. w

Re: Blocking direct access to JSPs

2005-01-29 Thread Dakota Jack
On Sat, 29 Jan 2005 16:28:42 +, Tim Christopher <[EMAIL PROTECTED]> wrote:
> I've read that if you store your JSP files under the WEB-INF folder it
> blocks access to html resources (CSS etc).. What's the work around to
> ensure the JSP has access to all the resources it still needs?
>
> Tim

Re: Blocking direct access to JSPs

2005-01-29 Thread Tim Christopher
]
> Sent: Saturday, January 29, 2005 9:07 AM
> To: Struts Users Mailing List
> Subject: Re: Blocking direct access to JSPs
>
> My argument against it is that WEB-INF is meant to be configuration
> information and "support files", and while I agree with viewing JSPs as
>

RE: Blocking direct access to JSPs

2005-01-29 Thread David G. Friedman
's though I still put my JSP's, used as (tiles) display templates, under /WEB-INF/pages.

Regards,
One "David"'s $0.02 worth

-Original Message-
From: Frank W. Zammetti [mailto:[EMAIL PROTECTED]
Sent: Saturday, January 29, 2005 9:07 AM
To: Struts Users Mailing List
Sub

Re: Blocking direct access to JSPs

2005-01-29 Thread Frank W. Zammetti
My argument against it is that WEB-INF is meant to be configuration information and "support files", and while I agree with viewing JSPs as templates, I don't view them as support files either. Let me put it another way... WEB-INF should be things that are not application-specific, except for

Re: Blocking direct access to JSPs

2005-01-29 Thread William Stranathan
We had this discussion a lot last week, and it seems to be somewhat divided on whether JSP's belong in WEB-INF. What was your compelling argument AGAINST it? My compelling argument FOR it has always been that WEB-INF is where application artifacts that are not complete web artifacts belong. W

Re: Blocking direct access to JSPs

2005-01-28 Thread Hubert Rabago
Take a look at http://wiki.apache.org/struts/StrutsCatalogHidingPagesUnderWEBINF for one of the more common approaches taken for this problem.

On Fri, 28 Jan 2005 19:09:46 +, Tim Christopher <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I would like to block direct access to jsp files, and from what

Blocking direct access to JSPs

2005-01-28 Thread Tim Christopher
Hi, I would like to block direct access to jsp files, and from what I've read the best practice appears to be setting a security-constraint within the web.xml file. (As opposed to storing all *.jsp files within the WEB-INF folder, though please correct me if that's wrong). I've currently tried u