Thanks for all! On Tue, Jul 12, 2016 at 7:17 AM, Rainer Jung <rainer.j...@kippdata.de> wrote:
> Am 12.07.2016 um 12:06 schrieb André Warnier (tomcat): > >> On 12.07.2016 01:39, Wayne Li wrote: >> >>> Probably the quickest : download these files, install them on your >>>> >>> server, and change the above links. >>> Like : create a sub-directory "/js" of your webapp, and install them >>> there. >>> Then change the above links to : href="js/jquery.mobile-1.4.5.min.css" >>> >>> Yes. It works. Thanks. >>> >>> It is okay for now. but, if I do not want host these files, what should I >>> do? Can you point a direction for me please? >>> >>> >> I just wante to make some personal comments here, to what you write above >> : >> >> You are saying that you do not really want to "host" those files on your >> server, and that you (presumably) would like to continue to link to them >> directly on the jquery host. >> But I believe that there are a few considerations to take into account >> here, on the practical, ethical, and security levels : >> >> Basically, if you do this, then it means that any browser, anywhere, >> that is using your application, will now (try to) access and download >> these files directly from the jquery server, instead of from your server. >> >> 1) ethical aspect : >> Users of your application will now be using the resources and bandwidth >> of a server that is not yours, and which is supported by someone else. >> That someone else may not like this very much. >> I had a (quick and not exhaustive) look at the jquery website, and I did >> not find anything which explicitly discourages people from doing this. >> And it may well be that they actually encourage people to do this (maybe >> they are pleased to have a lot of traffic). >> >> But I believe that before doing something like this, you may want to at >> least ask them if this is ok, or what they recommend. And in particular >> in this case, since jquery is a non-profit, open-source resource for >> which you do not pay in the first place. >> >> 2) practical aspect : >> By doing this, your application becomes dependent on the fact that any >> of your user's browsers would actually be able to access that external >> server, which is not under your control. There could be some firewall >> rule which prevents such an access (now, or at any time in the future). >> That server could be down for maintenance; it could be re-organised, so >> that the files are no longer at that specific URL location; the file >> content could be changed, so that things do no longer work in exactly >> the same way; etc.. >> As you have just found out, even some browser rules (which can change >> over time) may prevent access to these files. >> And I know of some websites which take active measures to prevent people >> doing this (using their resources in such a way), for example by >> checking the "Referer" of the access to their resources. >> >> Another practical aspect, is that if something does not work anymore in >> one of your applications, your users will come to you for an >> explanation; and it may be time-consuming, in a case like this, to find >> out what exactly isn't working. >> >> 3) security aspect : >> If anyone managed to replace the content of that file (again, this is >> not under your control), they would be able to "inject" malicious >> content into your application. >> And to the world at large, this would at first look as if it was your >> application which is the culprit. >> >> These are my personal opinions only. But for the reasons above, I would >> rather host myself the resources needed by my applications. >> > > and > > 4) Privacy: the owner of the external server (here: jquery) is able to > track who is visiting your site. Your visitors might not like this. > > Regards, > > Rainer > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >