My second concern is that if Tapestry is designed to control the entire context, people may ignore that fact and try to map files to the context root anyway. In doing this, they could easily open up a (very minor) security hole where people might be able to access raw files from the context root that are intended to be templates or page files.
Thoughts?
Eric Everman
At 11/15/2002, [EMAIL PROTECTED] wrote:
Nope, these ideas are where we are headed.
My thinking is that the templates belong in the context root, so that relative
URLs to static assets work.
I had been thinking that any page that required a page specification would
require an entry into the application specification.
This idea, that there could be a specific directory where page specifications
are stored, is very worthwhile.
Where we could end up is that the application specification exists to identify
libraries and components.
--
[EMAIL PROTECTED]
-------------------------------------------------------
This sf.net email is sponsored by: To learn the basics of securing your web site with SSL, click here to get a FREE TRIAL of a Thawte Server Certificate: http://www.gothawte.com/rd524.html
_______________________________________________
Tapestry-developer mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/tapestry-developer
