Actually that's not quite true. JSPs add and additional layer, and there could be bug and security issues in that layer. For instance there was a bug that was resolved a few months ago in Tomcat where you could see the JSP pages by using a built in servlet.
Having said that, for most people, the advantages that JSP bring in ease of use is worth the extra exposure. Regards, Dror On Fri, Feb 28, 2003 at 02:25:25PM -0500, Mike Silvers wrote: > No. The main difference is the ease of use for creating HTML documents. > The jsp makes it easier to create HTML documents. When a jsp is used, it > is first compiled into a servlet and then used. > > Mike > > ----- Original Message ----- > From: <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Friday, February 28, 2003 2:12 PM > Subject: Is JSP or Servlet more secure? > > > > For creating a totally new web site, is there any difference from > > security point of view of using only servlets or using only JSPs? > > > > das > > > > > ___________________________________________________________________________ > > To unsubscribe, send email to [EMAIL PROTECTED] and include in the > body > > of the message "signoff SERVLET-INTEREST". > > > > Archives: http://archives.java.sun.com/archives/servlet-interest.html > > Resources: http://java.sun.com/products/servlet/external-resources.html > > LISTSERV Help: http://www.lsoft.com/manuals/user/user.html > > > > > > ___________________________________________________________________________ > To unsubscribe, send email to [EMAIL PROTECTED] and include in the body > of the message "signoff SERVLET-INTEREST". > > Archives: http://archives.java.sun.com/archives/servlet-interest.html > Resources: http://java.sun.com/products/servlet/external-resources.html > LISTSERV Help: http://www.lsoft.com/manuals/user/user.html > -- Dror Matalon Zapatec Inc 1700 MLK Way Berkeley, CA 94709 http://www.zapatec.com ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
