Github user lukaszlenart closed the pull request at:
https://github.com/apache/struts/pull/2
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is
Hi,
Thus PR is related to best practises - user shouldn't be able access
JSPs directly. Some examples in showcase are still broken but they
based on Dojo plugin which is deprecated - so they will be removed
anyway.
2014-03-03 21:56 GMT+01:00 lukaszlenart :
> GitHub user lukaszlenart opened a pull
GitHub user lukaszlenart opened a pull request:
https://github.com/apache/struts/pull/2
Restricts direct access to JSP files
This PR moves all JSP files in example apps under `WEB-INF` and adds
security constraints to `web.xml` to avoid accessing JSP files directly. Thus
represents
