There are potential security issues with just turning on directory
listings. I don't think it's a spec thing, but I do think it's wise to
not offer directory listings by default.
Lloyd
On Jun 5, 2009, at 11:24 AM, Vince Kraemer wrote:
> Hi,
>
> I created a web app that has a no descriptor files and a single JSP.
>
> If the jsp is named index.jsp, I see the content when I access http://localhost:8080/WarName/
> ... this is a good thing
>
> If the jsp is named foobar.jsp, I see a 404 error when I access the
> same URL... Is the spec forcing us to be so useless?
>
> I would think that the server could present a directory listing for
> the web app... so the user would have a chance to click on
> foobar.jsp and see its content. That would be friendlier for
> developers. It probably should not work that way in production,
> though.
>
> One other thing I noticed... There is no error in the server log
> that would alert the developer to the root cause of the problem.
>
> I did this test with v3 promoted build 49.
>
> Thanks,
> vbk
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: dev-help_at_glassfish.dev.java.net
>
Lloyd Chambers
lloyd.chambers_at_sun.com
GlassFish Team