[aida] WebStaticServer serves everything

Janko Mivšek janko.mivsek at eranova.si
Mon Oct 15 16:58:38 CEST 2012


Hi Herbert,

What if we change the default home directory for static serving to
./static instead? If this directory doesn't exist, nothing will be
served. This will prevent browsing a home directory with image and
.changes files, among others, which is certainly a security risk.

Best regards
Janko

Dne 15. 10. 2012 16:14, piše Herbert König:
> Hi,
> 
> 
> 
> HK> Is there a canonical way to deal with this or do I have to modify 
> WebStaticServe>>>resourceFor: to keep my private files private?
> HK> Easiest would be to just prepend a subfolder (like /static) to the URL
> HK> and keep my static files in there.
> 
> to reply to my own question: just use AidaSite>>homeDirectory: to a
> proper directory.
> 
> 
> 
> Cheers,
> 
> Herbert                            mailto:herbertkoenig na gmx.net
> 
> _______________________________________________
> Aida mailing list
> Aida na aidaweb.si
> http://lists.aidaweb.si/mailman/listinfo/aida
> 

-- 
Janko Mivšek
Svetovalec za informatiko
Eranova d.o.o.
Ljubljana, Slovenija
www.eranova.si
tel:  01 514 22 55
faks: 01 514 22 56
gsm: 031 674 565


More information about the Aida mailing list