If you are using the WebAppContext (likely you are since you said you are using the old-school jetty-runner facility). Then know that both "/META-INF/" and "/WEB-INF/" are protected targets mandated by the servlet spec and cannot be accessed or served.
If you want to stick with using a full blown proper WAR file (or exploded webapp directory) then you are sadly stuck with this restriction placed on you from the servlet spec. You could specify an alternate set of protected targets, but that just opens you up for vulnerabilities. (see .setProtectedTargets(String[]) on WebAppContext/ServletContextHandler for how to reset that list). If you go with embeded-jetty, you can use the far simpler ServletContextHandler (instead of the WebAppContext) and many of these kinds of servlet spec requirements. Joakim Erdfelt / [email protected] On Fri, May 31, 2019 at 11:11 AM Darcy Watkins <[email protected]> wrote: > Hi, > > > > I have tried using jetty-runner to serve the content of a ZIP/JAR format > file and it works well except that I am unable to access any of the content > within the META-INF directory. > > > > Is there something that I can do to override this and have all content be > served? > > > > My application is to archive content within a ZIP/JAR archive, sign it and > then have a remote application be able to retrieve and validate the > manifest, after which it would download and validate some (or all) of the > content on an as needed basis. > > > > The only way I have been able to do this so far has been to extract the > META-INF content, re-archive it on its own and then serve it as a second > archive with “—path /META-INF”. Is there a more elegant way to do this? > > > > The host that will serve the content runs CentOS 7. > > > > Thanks in advance for any assistance. > > > > > > *Regards,* > > > > *Darcy* > > > > *Darcy Watkins :: Senior Staff Engineer, Firmware* > > > > *SIERRA WIRELESS* > > Direct +1 604 233 7989 :: Fax +1 604 231 1109 :: Main +1 604 231 > 1100 > > 13811 Wireless Way :: Richmond, BC Canada V6V 3A4 > > [P2] > > *[email protected] <[email protected]>* :: > www.sierrawireless.com > > > _______________________________________________ > jetty-users mailing list > [email protected] > To change your delivery options, retrieve your password, or unsubscribe > from this list, visit > https://www.eclipse.org/mailman/listinfo/jetty-users
_______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users
