Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and
privacy statement. We’ll occasionally send you account related emails.
Already on GitHub?
to your account
Amir Pashazadeh opened SPR-8735 and commented
I having something like
<mvc:resources mapping="/resources/**" location="classpath:/com/payeshgaran/framework"/>
a person can download a class file (or other forbidden files) within /com/payeshgaran/framework.
I think ResourceHttpRequestHandler needs to have properties to set rejected or allowed content types for it.
The text was updated successfully, but these errors were encountered:
Rossen Stoyanchev commented
I think the idea is to have resources at a dedicated location (e.g. "classpath:/META-INF/public-web-resources/"). What do you serve from locations where classes reside?
Sorry, something went wrong.
Resolving this as it hasn't been updated for a while and the recommended approach to serving classpath resources is to use a dedicated location.
Amir Pashazadeh commented
I believe it is good to have .css, .js files just next to classes (for example tags) depend on them.
No branches or pull requests