In that case wouldn't it be better to configure the default Jetty servlet to 
serve up the paths you want, and then comment it out?

The argument against using the Jetty servlet is (usually) that it won't work in 
Tomcat etc, but if it is commented out then that seems irrelevant.

Nick

From: Lev Epshteyn [mailto:[email protected]]
Sent: Friday, 12 December 2008 2:58 AM
To: Nick Lothian
Cc: [email protected]
Subject: Re: Adding local file rendering support to Sample Container

Hmmm... That's a good point. How about leaving the pertinent servlet 
declarations commented out in the web.xml files? That ought to mitigate the 
problem, yet make distributing a "dev-only" binary a simple affair...

On Wed, Dec 10, 2008 at 10:29 PM, Nick Lothian <[email protected]> wrote:
If people leave this in on a production system (which they will do), and deploy 
behind a reverse proxy then in some circumstances (depending on your servlet 
engine & config) ALL requests may appear to come from 127.0.0.1. (See, e.g.: 
http://grokbase.com/thread/m/2006/07/17/patch-to-override-request-getremoteaddr-if-behind-a-reverse-proxy/xaqnRqmBVpzX-i2E8I1LGljLwzA#xaqnRqmBVpzX-i2E8I1LGljLwzA)

That could be kind of bad (especially since there is no checking of the path for 
directory traversal etc).

Nick

-----Original Message-----
From: [email protected] [mailto:[email protected]]
Sent: Thursday, 11 December 2008 9:35 AM
To: [email protected]
Subject: Adding local file rendering support to Sample Container
Reviewers: shindig-dev,

Description:
This patch enables Shindig's Sample Container to render files local to
the developer's machine.

This is facilitated by adding a Servlet that serves these files (only to
localhost requests).

The Sample Container UI has been changed to support this feature
(including allowing one to pick a file from the local filesystem via a
file input control)

Please review this at http://codereview.appspot.com/10269

Affected files:

  java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/localfile/LocalFileServlet.java
  java/server/src/main/webapp/WEB-INF/web.full.xml
  java/server/src/main/webapp/WEB-INF/web.gadgets.xml
  java/server/src/main/webapp/WEB-INF/web.xml
  javascript/samplecontainer/samplecontainer.html
  javascript/samplecontainer/samplecontainer.js


IMPORTANT: This e-mail, including any attachments, may contain private or 
confidential information. If you think you may not be the intended recipient, 
or if you have received this e-mail in error, please contact the sender 
immediately and delete all copies of this e-mail. If you are not the intended 
recipient, you must not reproduce any part of this e-mail or disclose its 
contents to any other party. This email represents the views of the individual 
sender, which do not necessarily reflect those of Education.au except where the 
sender expressly states otherwise. It is your responsibility to scan this email 
and any files transmitted with it for viruses or any other defects. 
education.au limited will not be liable for any loss, damage or consequence 
caused directly or indirectly by this email.
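
A sketch of the two checks the thread finds missing: confining the requested path to one directory, and not trusting a loopback peer address on its own. This is an added example, not code from the Shindig patch; `LocalFileGuard`, its `enabled` switch and the `viaProxy` flag are hypothetical names, and the sample directory and addresses are constructed.

```java
import java.io.IOException;
import java.net.InetAddress;
import java.nio.file.Files;
import java.nio.file.Path;

/** Hypothetical guard for a dev-only local file servlet (not Shindig code). */
public class LocalFileGuard {
  private final Path root;
  private final boolean enabled; // explicit opt-in; leave false in any shipped config

  public LocalFileGuard(Path root, boolean enabled) throws IOException {
    this.root = root.toRealPath(); // canonical root, symlinks resolved once
    this.enabled = enabled;
  }

  /** True for 127.0.0.0/8 and ::1. Input is the socket peer address (an IP literal). */
  static boolean isLoopback(String remoteAddr) {
    // getByName(null) and getByName("") return the loopback address, so reject them first.
    if (remoteAddr == null || remoteAddr.isEmpty()) return false;
    try {
      return InetAddress.getByName(remoteAddr).isLoopbackAddress();
    } catch (IOException e) { return false; }
  }

  // Returns the file to serve, or null to refuse. viaProxy is an assumption: the caller
  // sets it when a forwarding header such as X-Forwarded-For is present, since a
  // same-host reverse proxy makes every peer address look like loopback.
  public Path resolve(String remoteAddr, boolean viaProxy, String requested) {
    if (!enabled || viaProxy || !isLoopback(remoteAddr)) return null;
    try {
      Path candidate = root.resolve(requested).normalize();
      if (!candidate.startsWith(root)) return null; // "../" or absolute path left the root
      Path real = candidate.toRealPath(); // follows symlinks; throws if the file is missing
      return real.startsWith(root) && Files.isRegularFile(real) ? real : null;
    } catch (IOException | RuntimeException e) {
      return null; // missing file, invalid path characters, access denied
    }
  }

  public static void main(String[] args) throws IOException {
    Path dir = Files.createTempDirectory("gadgets"); // constructed sample root
    Files.write(dir.resolve("hello.xml"), "<Module/>".getBytes());
    LocalFileGuard guard = new LocalFileGuard(dir, true);
    System.out.println(guard.resolve("127.0.0.1", false, "hello.xml"));        // file inside the root
    System.out.println(guard.resolve("127.0.0.1", false, "../../etc/passwd")); // traversal attempt
    System.out.println(guard.resolve("127.0.0.1", true, "hello.xml"));         // proxied request
    System.out.println(guard.resolve("10.0.0.5", false, "hello.xml"));         // non-loopback peer
  }
}
```

A proxy that adds no forwarding header defeats the `viaProxy` test, which is why the `enabled` switch mirrors the thread's suggestion of leaving the servlet declaration commented out by default.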

