On Friday 18 February 2005 19:00, Erik Weber wrote: > Learn to use (Servlet) path mapping ("/something/*") instead of > extension mapping ("*.something").
Hm. Extension mapping is typically safe, while path-prefix mapping may be *not*. The details are laid out in Bergsten's 'Java Server Pages' 2nd Edition, p. 262ff. (O'Reilly, 2002), dealing with the processPath() implementation of Struts 1.0.2. Well, though this might have been changed in the meantime (can anybody here confirm?), we at least strictly stick to extension mapping (not always *.do :-) just for security reasons. > Erik -- Chris. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]