Unless you could get Tomcat/etc to restrict access to your reset service (I'm not sure how you'd do that, if it is even possible -- you'd want some kind of expression restriction on "service=reset"), anyone could call it.
/dev/mrg -----Original Message----- From: Daniel M Garland [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 09, 2005 8:51 AM To: Tapestry users Subject: Re: Live change strategy Hi Alexandr Where do I set this option you mention? Also, I presume this will mean that anybody can reset a page in Tapestry, whats stopping someone using a DoS attack on the reset service? Dan Alexandr Kundirenko wrote: > Hello Daniel, > > Enable reset service adding this option: > -Dorg.apache.tapestry.enable-reset-service=true > > Usage: http://localhost:8080/appName/app?service=reset&page=PageName > -- Dan Garland ------------------------ [EMAIL PROTECTED] mob: +44 (0) 7979 770053 icq: 120963437 aim: dmgarland1767 ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
