tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Craig R. McClanahan" <>
Subject Re: tomcat serves .jsp file contained in WEB-INF
Date Thu, 10 May 2001 18:03:00 GMT

On Thu, 10 May 2001, Richard Wan wrote:

> Is the following a bug or a part of the Servlet 2.2 spec?
> http://machine:port/appname/WEB-INF/inside.jsp would get served but
> http://machine:port/appname/WEB-INF/inside.html would not?

Neither one should be served back to a direct client request for these
URLs.  The server is prohibited from returning anything under "WEB-INF" or

It's legal to access either of these URLs, however, in the following ways:

* Inside a servlet, using something like this:

    InputStream is =

* As the destination of a RequestDispatcher.forward() or include():

    RequestDispatcher rd =
    rd.forward(request, response);


    RequestDispatcher rd =
    rd.include(request, response);

> ----------------------------------------------------------------------
> Richard F. Wan

Craig McClanahan

View raw message