I think hat's a legitimate problem. I know in T4 a checksum was
generated by links to assets and then verified by tapestry before
yielding the actual asset (by verifying the sum). However the fact that
you can use the asset service to pull any arbitrary file out of the
classpath, even those that are not declared as assets, seems like a
serious issue. I also would like to know a solution (simply restricting
the service to only declared assets should do, but how?).
chris
Thiago H de Paula Figueiredo wrote:
On Thu, 26 Jul 2007 16:46:37 -0300, Daniel Jue <[EMAIL PROTECTED]>
wrote:
Hi, Just don't put configuration resources there.
I'm not sure you had understood what I've said.
My hibernate.cfg.xml is in /src/main/resources. So it is copied by
Eclipse/NetBeans/Maven/whatever to my webapp's classpath. And anything
in the classpath, as far as I can see, is accessible via
<applicatiourl>/assets. As many frameworks expect their configuration
files to be in the classpath, I think we have a little, easy to solve
problem here. :)
Thiago
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
