preventing jsp fragments from being viewable through web

howlsnnite Dec 7, 2004 3:14 PM

Hello,

I'm currently trying my hand at jsps on JBoss 3.2.6, and I have a particular jsp fragment that I statically include into other pages (using <%@ include file="" %>). The problem that I'm having is that the jsp fragment can be viewed from the web, and since it has potentially sensitive info, I need a way to lock it from view...

Any suggestions?

1. Re: preventing jsp fragments from being viewable through web

raist_majere Dec 7, 2004 7:34 PM (in response to howlsnnite)

Move under a subdir of WEB-INF directory. This dir is only accessible inside the web-app, so nothing from the "outside" can see what it has...
Actions