For the servlet part, the common use is 'alias'. And either you use CGI or Servlet if you get the DDOS attack, you are out of luck.
Pae ----- Original Message ----- From: "Price, Erik" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, December 04, 2002 10:36 AM Subject: hiding servlet URLs in JSPs Hi, simple question (I hope): Does it really matter if someone can see the naked path to a servlet in the "action" attribute of an HTML <form> tag? I mean, if I have this form: <form method="POST" action="./servlet/SomeServlet"> <!-- some input tags go here --> </form> anyone can see the URL to my servlet and attempt to send it data directly. At first I thought that this was a security problem and that I should obfuscate the path to the servlet somehow, but on second thought it strikes me that this is no different than someone seeing the path to a CGI script in a form either. Any advice? Erik -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
