hi, i remember a discussion about allowing direct script execution (a request to /foo/my.jsp executes the script instead of delivering the content).
while this might by funny (and sometimes useful) it is especially a problem when .js files are handled by rhino. so a request to my "/docroot/my.js" executes it on the server instead of delivering it to the client. i strongly believe that executing directly addressed scripts should be prohibited. regards, toby ps: if this is really needed, it could be done using a mixin node type to mark the file/resource as executable.eg: sling:executable -- -----------------------------------------< [EMAIL PROTECTED] >--- Tobias Bocanegra, Day Management AG, Barfuesserplatz 6, CH - 4001 Basel T +41 61 226 98 98, F +41 61 226 98 97 -----------------------------------------------< http://www.day.com >---
