Re: "Just say no to JSP" Re: [Fwd: Tomcat may reveal scriptsource code by URL trickery]

At 11:24 AM -0700 04/04/2001, Jon Stevens wrote: >I love the article title: >"Just say no to JSP" Glad that change made it in. DDJ wanted "Just say no to HTML". Arggh. >I'm so happy to see that more and more people are waking up to the fact that >JSP is bad. I'm also happy to see you worry about

Re: "Just say no to JSP" Re: [Fwd: Tomcat may reveal scriptsource code by URL trickery]

Hi Brad! Brad Cox wrote: > I should point out at the outset that this isn't to assign blame but > to point out a problem... namely, the complexity that developers must > deal with to get a working infrastructure in place. My application > uses Apache, JServ, Java, and the servlet engine from Tomc

RE: "Just say no to JSP" Re: [Fwd: Tomcat may reveal scriptsource code by URL trickery]

I sure had my "little" flames with Jon, but that is a very important thing I learned from him. I agree that the problem is there - not enough error info - and I had my share of such problems, but this is open source, so, you can fix it. OTOH, some developers can still learn a bit from this kin

Re: "Just say no to JSP" Re: [Fwd: Tomcat may reveal scriptsource code by URL trickery]

on 4/5/01 5:01 AM, "Mark T. Harris" <[EMAIL PROTECTED]> wrote: > And of course, to debug JSP code, you really have to go after the generated > servlet. Well, read the whole essay...but here are a few good chapters relevant to the above:

Re: 'Just say no to JSP' Re: [Fwd: Tomcat may reveal scriptsource code by URL trickery]

Mel, Please do not CC me directly as I'm already on the list. I have filed your changes away for when I do my next revision of the site (there are several other people's comments that I want to integrate as well). I hear you and you made good suggestions. Also, I do have to say that those two ni

Re: "Just say no to JSP" Re: [Fwd: Tomcat may reveal scriptsource code by URL trickery]

on 4/4/01 3:55 PM, "Brad Cox" <[EMAIL PROTECTED]> wrote: > Glad that change made it in. DDJ wanted "Just say no to HTML". Arggh. Yucky. >> I'm so happy to see that more and more people are waking up to the fact that >> JSP is bad. I'm also happy to see you worry about form validation issues. >>

Re: 'Just say no to JSP' Re: [Fwd: Tomcat may reveal scriptsource code by URL trickery]

on 4/5/01 10:13 AM, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote: > So we need to fix it :-) After all that's one of the diferences between > the zillion templating systems and jsp - a spec with a wide variety of > implementations that improve. > > I do agree with some of Jon's arguments - the

Re: 'Just say no to JSP' Re: [Fwd: Tomcat may reveal scriptsource code by URL trickery]

on 4/5/01 5:35 AM, "Matthew Dornquast" <[EMAIL PROTECTED]> wrote: > I could be wrong given I don't know the full context, but the code from the > article on this page: > http://jakarta.apache.org/velocity/ymtd/ymtd-generation.html isn't thead > safe, multiple requests coming in on different thre