Hi!
I'm developing a Tapestry 5 application and I was looking at access to
assets via URLs. I typed http://localhost:8080/assets/tapestry/default.css
to take a look at T5 default CSS values.
Then I typed http://localhost:8080/assets/hibernate.cfg.xml . . . and it
showed that file. It's a security flaw.
Is there any measure already implemented against this kind of attack? It
would be very nice if we could block asset access to files and folders
through some Tapestry-IoC contribution. ;)
Thiago
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]