Hi, simple question (I hope):
Does it really matter if someone can see the naked path to a servlet in the
"action" attribute of an HTML <form> tag? I mean, if I have this form:
<form method="POST" action="./servlet/SomeServlet">
<!-- some input tags go here -->
</form>
anyone can see the URL to my servlet and attempt to send it data directly.
At first I thought that this was a security problem and that I should
obfuscate the path to the servlet somehow, but on second thought it strikes
me that this is no different than someone seeing the path to a CGI script in
a form either.
Any advice?
Erik
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
