I have some JSP files that are included in other JSP files:
<%#include file="pages/contentXY.jsp"%>
This files should not be accessable for direct access.
So https://myUrl/pages/content/XY.jsp should not be accessable.
How can I achieve this?
Related
i am trying to directive include a .jsp page in Java but the link is not recognized by Netbeans 8.2 and is showed as plain text.
<%# include file="/WEB-INF/templates/header.html" %>
How can i solve this?
You cannot read from the WEB-INF directory. Have a look at this document to see how a WAR file should be organised.
I try to add a CSS file to an JSP which is running on tomcat 8. The CSS just changes the appearance of tables. The CSS file is in the same folder as the JSP. I tried using:
<link href="table.css" rel="stylesheet" type="text/css">
but it didn't show any changes. So I tried:
<style type="text/css">
<%# include file="./table.css" %>
</style>
But this gives me a weird error, when I try to reach the page in my browser on the first try I get 404 - Resource not found but when I try again it works. What can cause this and is there an easier way to import my CSS file in the JSP? I use a servlet to reach the JSP if that matters.
Edit:// I just checked the WAR File i exported and the WEB-INF Folder only contains my classes the Folders of the HTML and JSP Sites are on the root directory of the WAR file.
I'd put all your .css files in a folder named /css right under the root of your WAR. The path would be css/table.css.
Same for JavaScript: create a folder named /js right under the root of your WAR. The path to JavaScript is js/foo.js
I want to create a custom JSP tag as follows.
<ng:template src="../js/Rule/templates/rule-list.jsp" />
Which will actually include the file "../js/Rule/templates/rule-list.jsp" inside a scripts tag and generate HTML as follows.
<script type="text/ng-template" id="../js/Rule/templates/rule-list.jsp">
Content of ../js/Rule/templates/rule-list.jsp file
</script>
So far I have creates following tagfile.
<%# attribute name="src" required="true" rtexprvalue="true" %>
<script type="text/ng-template" id="${src}">
<%# include file="${src}" %>
</script>
Which is giving this error
File "${src}" not found
Means its trying to include the ${src} instated of its value. Can any one suggest how to include file in tag file from specified attribute value?
Note: I am using angularjs. I want to load angularjs templates without ajax call. Because my browser is not able to load ng-template with AJAX call for cross domain call problem.
Got it. I need to use dynamic include as
<jsp:include page="${src}" />
This is working fine.
WEB-INF directory is a special directory that is not part of the public directory tree of your web (Servlet) application.
The Servlet Specification states (page 70 or so):
A special directory exists within the application hierarchy named
“WEB-INF”. This directory contains all things related to the
application that aren’t in the document root of the application. The
WEB-INF node is not part of the public document tree of the
application. No file contained in the WEB-INF directory may be served
directly to a client by the container. However, the contents of the
WEB-INF directory are visible to servlet code using the getResource and
getResourceAsStream method calls on the ServletContext, and may be
exposed using the RequestDispatcher calls.
AngularJS cannot see any folder inside your web application WEB-INF folder since it has no "connection" to it.
You will have to add those template files in a public folder, view-able by your Angular template files.
I have a text.class file that is in the same directory in my .jsp file, how can I include it in my jsp file? usually all of the classes should be in the WEB-INF,however I can't put it there.. Usually what I do is:
<%#Test.test" %>
where Test is a folder in the WEB-INF, so how can I do this now?
<%# page import="Test.test" %>
Provided that Test.test is in your classpath .The better place is to put it is:
WEB-INF/classes/Test/test
Not really an answer, but a warning you should check.
Putting your class files at your JSP folder can lead to security concerns.
The servlet container allows HTTP access for everything under the root web application dir (or inside the war file) but the content of the WEB-INF and META-INF folders. These folders are protected by default.
If you put a class at a different location, somebody could access an download it just writing the URL at his browser nav bar:
http://host:port/appContext/Test/test.class
I don't know if your app handles sensitive data, or your class contains code accessing main components of your application, which could be exposed if someone downloads and decompile your code: it is kind of a serious security risk.
Rethink your app structure, an keep your classes under the WEB-INF/classes dir. Or at least, configure your container or your web app to forbid access to *.class resources via HTTP requests.
I am facing a problem when I move my JSP files along with CSS and JS files under WEB-INF/web/ directory. The problem is that, when a JSP page loads, it does not load CSS and JS files. Please help if you have any idea about it.
Thanks
Umar
Unless you want to write controllers to serve the css/js files in the WEB-INF folder, you will need to move those files out of WEB-INF so that they can be served as static files by the app server.
WEB-INF is not web accessible, you need to put css/js into public_html(www) as browser loads them through http.
You can use the contextPath to retrieve any file from the foot folder,this way can work with files inside and outside WEB-INF folder.
You can make like this
<link rel="stylesheet" href="${pageContext.request.contextPath}/css/fromStyle.css" type="text/css">
To access 'WEB-INF' use
getServletContext().getRealPath("/WEB-INF/...");