More info here http://jakarta.apache.org/tomcat/tomcat-5.5-doc/default-servlet.html#secure which refers to the servlet spec, which is here http://jcp.org/aboutJava/communityprocess/final/jsr154/index.html
> -----Original Message----- > From: vivek gupta [mailto:[EMAIL PROTECTED] > Sent: Friday 22 October 2004 19:07 > To: Tomcat Users List > Subject: How to save files being download > > > Hi Folks, > I am testing my website at web hosting > company which is using tomcat. I can see my > application running if I type www.abc.com/root/. > > But my problem is if I put > > www.abc.com/root/jsp it show all my jsps which lying > in jsp directory and let any one to download my file. > I tested any my localhost to and it works same. > > Any one know how to prevent it. What setting needs to > change so that if user types > www.abc.com/root/jsp > > he get unauthorised access or page can not be > displayed kind message. > > Thanks in advance > Vivek > > > > _______________________________ > Do you Yahoo!? > Declare Yourself - Register online to vote today! > http://vote.yahoo.com > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]