Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] misconfigured jetty displays source to browser

Look in $JETTY_HOME/etc/webdefault.xml at the DefaultServlet settings.
dirAllowed=true by default which permits directory listing. Set it to
false, and then remember to apply that file to your contexts (because
by default jetty resovles webdefault.xml from inside the
jetty-webapp.jar  in $JETTY_HOME/lib).


On 28 February 2013 13:57, S Ahmed <sahmed1020@xxxxxxxxx> wrote:
> I'm having issues with getting jetty working when building a fat jar (but
> that's another story).
> What I am concerned about is, when it is misconfigured, it outputs my
> directory like this:
> So when I click on a link, I can see my properties file etc. which may
> contain sensitive information.
> Is there a way to prevent this?
> I mean, mistakes can always happen during a deploy so dont' want to get
> caught like this :)
> _______________________________________________
> jetty-users mailing list
> jetty-users@xxxxxxxxxxx

Jan Bartel <janb@xxxxxxxxxxx> – Developer advice, services and support
from the Jetty & CometD experts.

Back to the top