Re: Projects and sites powered by Tapestry

2009-10-03 Thread Angelo Chen

Hi,
I use the code to protect assets. Here are the URLs:

http://example.com/assets
http://example.com/assets/

With the first URL, the following code works. With the second URL, the code
works if it runs in Jetty, but under Tomcat 6 it still lists files under WEB-INF.
Any idea? Thanks,

-- 
View this message in context: 
http://www.nabble.com/Projects-and-sites-powered-by-Tapestry-tp25348447p25730229.html
Sent from the Tapestry - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org



Re: Projects and sites powered by Tapestry

2009-10-03 Thread martijn.list
A solution to this problem has been posted multiple times. It has even 
been posted in this thread but I'll post it again




I use the following code to whitelist some assets. Access to non white 
listed assets is denied.


Add to your application module:


// Requires commons-io (FilenameUtils), commons-lang (StringUtils) and a
// logger field in the module class.
private static final String[] ASSET_WHITE_LIST = {"jpg", "jpeg", "png", "gif", "js", "css", "ico"};

/*
 * All the assets that are allowed to be downloaded using the assets
 * service (including files without extension and dirs)
 */
private static final Set<String> assetsWhitelist = Collections.synchronizedSet(
        new HashSet<String>(Arrays.asList(ASSET_WHITE_LIST)));

public void contributeHttpServletRequestHandler(
        OrderedConfiguration<HttpServletRequestFilter> configuration,
        @Inject @Value("${access-denied-page}") final String accessDeniedPage)
{
    /*
     * Create a filter that will block access to some assets. The asset
     * service allows access to some assets we do not want to expose. The
     * asset service will show all files in /assets/ directory and allows
     * you (by default) to download some files which you do not want to expose.
     */
    HttpServletRequestFilter filter = new HttpServletRequestFilter()
    {
        public boolean service(HttpServletRequest request, HttpServletResponse response,
                HttpServletRequestHandler handler)
            throws IOException
        {
            String path = request.getServletPath();

            // Deny any /assets request whose extension is not whitelisted
            if (path.startsWith("/assets") && (!assetsWhitelist.contains(
                    StringUtils.lowerCase(FilenameUtils.getExtension(path)))))
            {
                logger.warn("access to asset " + path + " denied");

                response.sendRedirect(request.getContextPath() + "/" + accessDeniedPage);

                return true;
            }

            return handler.service(request, response);
        }
    };

    // Run this filter before all other request filters
    configuration.add("AssetProtectionFilter", filter, "before:*");
}


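The whitelist decision from the filter posted above, pulled into a stand-alone class and run over constructed request paths, as an added example that is not code from the thread or from Tapestry. The class name, method names and sample paths are assumptions; joining the getServletPath() and getPathInfo() values before the check is a defensive choice made here, not a diagnosis of the Tomcat 6 behaviour reported in the thread.

```java
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Locale;
import java.util.Set;

/**
 * Added illustration: the thread's extension whitelist as a pure function.
 * Class name, method names and sample paths are hypothetical / constructed.
 */
public class AssetWhitelistCheck {

    // Same extensions as ASSET_WHITE_LIST in the thread.
    private static final Set<String> ALLOWED = Collections.unmodifiableSet(
            new HashSet<String>(Arrays.asList("jpg", "jpeg", "png", "gif", "js", "css", "ico")));

    /**
     * Path inside the web application. The servlet API splits it into
     * getServletPath() and getPathInfo(); which part carries "/assets/..."
     * depends on how the container mapped the request, so both are joined.
     */
    static String requestPath(String servletPath, String pathInfo) {
        return (servletPath == null ? "" : servletPath) + (pathInfo == null ? "" : pathInfo);
    }

    /** Extension of the last path segment, lower-cased; "" for directories and extension-less names. */
    static String extension(String path) {
        int lastSlash = path.lastIndexOf('/');
        int lastDot = path.lastIndexOf('.');
        if (lastDot < 0 || lastDot < lastSlash) {
            return ""; // no dot at all, or the dot belongs to a directory name
        }
        // Locale.ROOT keeps "GIF" -> "gif" independent of the server's default locale.
        return path.substring(lastDot + 1).toLowerCase(Locale.ROOT);
    }

    /** true = pass the request on, false = deny (the filter in the thread redirects in that case). */
    static boolean isAllowed(String servletPath, String pathInfo) {
        String path = requestPath(servletPath, pathInfo);
        if (!path.startsWith("/assets")) {
            return true; // not an asset request; other handlers decide
        }
        return ALLOWED.contains(extension(path));
    }

    public static void main(String[] args) {
        // Constructed (servletPath, pathInfo) pairs; null means the container supplied no value.
        String[][] samples = {
            {"/assets", null},                          // bare service root: no extension
            {"/assets/", null},                         // directory listing request
            {"", "/assets/"},                           // same path delivered as path info
            {"/assets/app/pages/Index.tml", null},      // template source
            {"/assets/app/pages/Index.class", null},    // compiled class
            {"/assets/com.example.lib/README", null},   // dot only in a directory name
            {"/assets/tapestry/default.CSS", null},     // upper-case whitelisted extension
            {"/assets/ctx/images/logo.png", null},      // ordinary whitelisted asset
            {"/index", null},                           // not under /assets
        };
        for (String[] s : samples) {
            String verdict = isAllowed(s[0], s[1]) ? "allow" : "deny ";
            System.out.println(verdict + "  servletPath=" + s[0] + " pathInfo=" + s[1]);
        }
    }
}
```

Only the last three samples are allowed; every directory, extension-less name, .tml and .class request under /assets is denied, including the one whose path arrives in the path info part.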




Re: Projects and sites powered by Tapestry

2009-09-10 Thread martijn.list

Angelo Chen wrote:
> how to close access to .class and .tml?

This has been posted to the list multiple times so another time
wouldn't hurt ;)



I use the following code to whitelist some assets. Access to non white 
listed assets is denied.


Add to your application module:


// Requires commons-io (FilenameUtils), commons-lang (StringUtils) and a
// logger field in the module class.
private static final String[] ASSET_WHITE_LIST = {"jpg", "jpeg", "png", "gif", "js", "css", "ico"};

/*
 * All the assets that are allowed to be downloaded using the assets
 * service (including files without extension and dirs)
 */
private static final Set<String> assetsWhitelist = Collections.synchronizedSet(
        new HashSet<String>(Arrays.asList(ASSET_WHITE_LIST)));

public void contributeHttpServletRequestHandler(
        OrderedConfiguration<HttpServletRequestFilter> configuration,
        @Inject @Value("${access-denied-page}") final String accessDeniedPage)
{
    /*
     * Create a filter that will block access to some assets. The asset
     * service allows access to some assets we do not want to expose. The
     * asset service will show all files in /assets/ directory and allows
     * you (by default) to download some files which you do not want to expose.
     */
    HttpServletRequestFilter filter = new HttpServletRequestFilter()
    {
        public boolean service(HttpServletRequest request, HttpServletResponse response,
                HttpServletRequestHandler handler)
            throws IOException
        {
            String path = request.getServletPath();

            // Deny any /assets request whose extension is not whitelisted
            if (path.startsWith("/assets") && (!assetsWhitelist.contains(
                    StringUtils.lowerCase(FilenameUtils.getExtension(path)))))
            {
                logger.warn("access to asset " + path + " denied");

                response.sendRedirect(request.getContextPath() + "/" + accessDeniedPage);

                return true;
            }

            return handler.service(request, response);
        }
    };

    // Run this filter before all other request filters
    configuration.add("AssetProtectionFilter", filter, "before:*");
}




--
Djigzo open source email encryption




Re: Projects and sites powered by Tapestry

2009-09-10 Thread Benny Law
Pardon me if I am mistaken, but shouldn't .class and .tml files be under
WEB-INF and hence inaccessible automatically?

Benny


Re: Projects and sites powered by Tapestry

2009-09-10 Thread Alex Kotchnev
Benny,
   indeed that would be the case for a traditional web framework that
serves web application assets (e.g. stylesheets, images, javascript) only
from the publicly available directories (e.g. outside of WEB-INF). However,
because of T5's component nature, if you deployed a component (e.g. as a
jar in the web app) it might need to access assets from the classpath (e.g.
from the component jar). Hence, currently there is a wide gaping security
hole in a stock T5 application's Asset service, that it can access any
files on the classpath (e.g. property files, .tml source, etc). There is an
issue filed for this, some improvements in T5.1, and a few decent solutions
(as the posting above mentions), but the framework is still very vulnerable.


Cheers,

Alex K


Re: Projects and sites powered by Tapestry

2009-09-10 Thread Benny Law
Thanks for the detailed info, Alex. There is so much to learn. I hope this
hole gets patched soon.

Benny


Re: Projects and sites powered by Tapestry

2009-09-09 Thread Sergey Didenko
BTW, it's worth reminding again everyone who is going to publish their
site URLs to close the access to .class and .tml files.




Re: Projects and sites powered by Tapestry

2009-09-09 Thread Angelo Chen

how to close access to .class and .tml?


-- 
View this message in context: 
http://www.nabble.com/Projects-and-sites-powered-by-Tapestry-tp25348447p25375291.html
Sent from the Tapestry - User mailing list archive at Nabble.com.





Projects and sites powered by Tapestry

2009-09-08 Thread Thiago H. de Paula Figueiredo

Hi!

I guess this was already discussed some time ago, but I couldn't find it.  
:( Anyway, it's been a long time, so let's get it started again. ;)


Tapestry is a wonderful framework, but it isn't the best known one around.  
Sometimes, managers ask us to provide some projects/sites/success  
stories/etc using it so they can be more confident about Tapestry. There's  
a Success Stories page in the wiki  
(http://wiki.apache.org/tapestry/SuccessStories), but it hasn't had any  
edit since 2007-10-05.


What about sharing your success stories with us, promoting Tapestry  
(specially T5)? If the project is a public website, please post the URL  
here. I think we should have a list of Tapestry-powered sites.


Thanks in advance.

--
Thiago H. de Paula Figueiredo
Independent Java consultant, developer, and instructor
http://www.arsmachina.com.br/thiago




Re: Projects and sites powered by Tapestry

2009-09-08 Thread Massimo Lusetti
On Tue, Sep 8, 2009 at 5:27 PM, Thiago H. de Paula
Figueiredo <thiag...@gmail.com> wrote:

> Hi!
>
> I guess this was already discussed some time ago, but I couldn't find it. :(
> Anyway, it's been a long time, so let's get it started again. ;)
>
> Tapestry is a wonderful framework, but it isn't the best known one around.
> Sometimes, managers ask us to provide some projects/sites/success
> stories/etc using it so they can be more confident about Tapestry. There's a
> Success Stories page in the wiki
> (http://wiki.apache.org/tapestry/SuccessStories), but it hasn't had any edit
> since 2007-10-05.
>
> What about sharing your success stories with us, promoting Tapestry
> (specially T5)? If the project is a public website, please post the URL
> here. I think we should have a list of Tapestry-powered sites.
>
> Thanks in advance.

It would be great to have that page more up to date but I remember
Howard asking for private user stories and more than one have
replied him even personally so I guess if that would make sense too to
have that stories online.
Do I remember correctly Howard?

-- 
Massimo
http://meridio.blogspot.com
