Chris,
Christopher Schultz wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
André,
On 11/21/11 4:06 AM, André Warnier wrote:
S Ahmed wrote:
I know when I go in production I will have nginx map to this
folder to serve the static files,
which, as far as I understand your planned setup, would be a really
bad idea.
Only if you don't know what you're doing.
Granted. But in that respect, many people don't realise what they're doing, as many
previous questions on the list show.
Also, there is a big difference between this:
DocumentRoot /path/to/tomcat/webapps/mywebapp
and this:
Alias /Assets /path/to/tomcat/webapps/mywebapp/Assets
The latter is quite a bit safer IMO.
Yes, but what the OP would need to do, considering where he wanted to put the
files, would be
> Alias /Assets /path/to/tomcat/webapps/mywebapp/WEB-INF/Assets
which in my view is at least an opening for doing less safe things (*), which is why
several people have already suggested /not/ to put the Assets sub-directory under WEB-INF.
(*) because in order for that to work, the user-id under which Apache is running, already
needs at least "rx" permissions to all the directories in that path (WEB-INF included).
Which is unnecessary and unsafe.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
