I am new to JSF and writing first simply jsf web app. URL with .jsf are mapping to .xhtml files in WebContent but why I can open .xhtml in web browser with all jsf tags. How to protect this?

You could add a security constraint to your <code>web.xml</code> blocking all requests to <code>*.xhtml</code>. <pre class="prettyprint lang-xml prettyprint-override"><code><security-constraint> <display-name>Restrict raw XHTML Documents</display-name> <web-resource-collection> <web-resource-name>XHTML</web-resource-name> <url-pattern>*.xhtml</url-pattern> </web-resource-collection> <auth-constraint /> </security-constraint> </code></pre>

How to avoid user access to .xhtml page in JSF?

1 Answers

You could add a security constraint to your web.xml blocking all requests to *.xhtml.

<security-constraint>
    <display-name>Restrict raw XHTML Documents</display-name>
    <web-resource-collection>
        <web-resource-name>XHTML</web-resource-name>
        <url-pattern>*.xhtml</url-pattern>
    </web-resource-collection>
    <auth-constraint />
</security-constraint>

176

answered Oct 20 '22 20:10

stacker

Recent Activity
Apple Pay - authorize.net returns error 153 only when live, sandbox works
How to continue cursor loop even error occured in the loop
python find all neighbours of a given node in a list of lists
Fatal error: Call to a member function setColumn() on a non-object in Magento
Count how many of each value from a field with MySQL and PHP
Python 32-bit development on 64-bit Windows [closed]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!

Donate Us With

How to avoid user access to .xhtml page in JSF?

Tags:

java

jsf

jsf-2

e2k

1 Answers

stacker

Recent Activity

Donate For Us

How to avoid user access to .xhtml page in JSF?

Tags:

java

jsf

jsf-2

e2k

1 Answers

stacker

Related questions

Recent Activity

Donate For Us