[ http://issues.apache.org/jira/browse/TAPESTRY-843?page=all ]
Brian K. Wallace updated TAPESTRY-843:
--------------------------------------
Attachment: Patch for Friendly URL security concern.patch
Attached is a patch to the Friendly URL documentation that includes a warning
addressing security concerns when dealing with the friendly URL contribution.
> Friendly URL documentation concerning security and ugly URLs
> ------------------------------------------------------------
>
> Key: TAPESTRY-843
> URL: http://issues.apache.org/jira/browse/TAPESTRY-843
> Project: Tapestry
> Type: Bug
> Components: Documentation
> Versions: 4.0
> Environment: All
> Reporter: Brian K. Wallace
> Attachments: Patch for Friendly URL security concern.patch
>
> The friendly URL documentation implies that enabling of friendly URLs is a
> way to enable security for Tapestry generated URLs. While this part of the
> documentation is correct, it implies that the 'ugly' URLs are no longer
> accessible - thereby enabling security for Tapestry sites. This is not
> correct and should be documented (at the very least).
> Ideally, there should be a method in the framework itself that would disable
> access to the original URLs if the friently URL contribution is made.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
