Re: ResourceManager/RequestHandler and security issues
Re: ResourceManager/RequestHandler and security issues
- Subject: Re: ResourceManager/RequestHandler and security issues
- From: Don Lindsay <email@hidden>
- Date: Wed, 28 May 2008 14:12:47 -0400
With a WOImage, WOActiveImage, and several other WO Controls you can
specify a framework that your image file is loaded from and then the
image name. When you use this methodology you do not need to specify
a path for an image resource. For webserverresources, for css or
other, you can put in a virtual link to WEB-INF/appname.app/Contents/
WebServerresources/mycss.css. I may not be understanding how you are
wanting to access your resources.
On May 28, 2008, at 2:05 PM, Oliver Scheel wrote:
To serve images and CSS files through tomcat, you can put your
images and files in the ROOT webapp under the WEBAPPS directory, I
place my images in a directory named images. If you are using the
JK connector you put them on your webserver in the root directory
and images directory .
one of the difficulties in the current project is, that I can only
upload/provide a WAR ;-) I don't have any direct access to anything
else and also want to keep the installation procedure as much simple
as possible.
My idea would be to validate the wodata path against something like
WEBINFOROOT/MyApp.woa/Contents/WebServerResources (or better but
less secure to catch all frameworks) - path must contain
"WebServerResources"...
Much better would be to additionally encrypt the string to hide the
physical directory completely.
Oliver
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
@mac.com
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden