Hello All, While Browsing thru some sites I visited a site http://www.tattooart.pl/ When you visit by links it work fine but when I delibrately omitted some text in url i can see the Directroy structure and can even access them http://www.tattooart.pl/pliki/
Can you People focus as how this can be prevented. (In Jsp/servelt Technology). How One can stop others to use direct access of Page (Do not consider login system/session , Impractical when you just browse thru any website ) Any workaround to stop without implementing session.
Can we hide the url of any Page, or stop its access if one is trying to access it directly.
Thanks.

Recommended Answers

All 2 Replies

Provided example is from Apache with badly secured PHP. As far I'm aware this wouldn't work on Java web server/container even if there is no security. Login basically enables you to set valid session for users that have access rights, so if anyone without login details try to access same page will fail as session would be false. To add to "general confusion" you can manage web.xml file on your web application where you can mask servlets and JPS alike, simples example of masking can be found here (Head First Servlets & JSP, 2nd edition)

Thanks :) I'll try doing it in a code to have a practical approach
Thanks again.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.