1 Reply Latest reply on Dec 9, 2008 12:12 AM by Adrian Mitev

    Securing xml

    Gerald Anderson Newbie

      This almost has to be a stupid question, but I'm lost on it.

      From the browser I can access my page.xml files.

      For instance:  http://www.myhost.com/whatever/admin/userManager.page.xml

      From there if you View Source, it's there for you.  I don't have anything I'm super worried about in there, but it could give a potential attacker some hints as to architecture, security and whatnot.

      What's the right way to secure those resources (and any other non-xhtml resources that may be in the view tree).


        • 1. Re: Securing xml
          Adrian Mitev Master

          Put the following in web.xml:


          This is a candidate for the documentation.