Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Agile forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Securing URLs

 
Jeffies Shah
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This is a Struts related query.
In my web app, I have a folder named XX which has two files, Show.html and Game.swf, with the Show.html having the code to show the swf (Game.swf) file. This folder XX is in no way related to the web app. In a page in the web app, I have to point a link "GAME" to Show.html.
The folder XX exists outside WEB-INF and I coded as:
<a href='/XX/Show.html'>GAME</a>. The code worked well.

But the problem is the URL appeared on the browser bar as http://localhost:8080/XX/Show.html. So, with the idea of securing the URL, I planned to use an action named ShowGame.do with the following mapping in the struts-config file:
<action path="/ShowGame"
parameter="/XX/Show.html"
type="org.apache.struts.actions.ForwardAction" />
and changed the href code to:
<jaf:link action='/ShowGame'>GAME</jaf:link>
This is not working.

Can you please tell me why?
 
Merrill Higginson
Ranch Hand
Posts: 4864
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The problem here is that by doing this, you have changed the current directory from /XX to /. This means that /XX/Show.html can no longer find Game.swf.

You can fix this by putting a <base> tag at the beginning of your html document:

<base href="/MyApp/XX/Show.html">

Then, any references to "game.swf" will be resolved correctly.

If you want to avoid hard-coding a reference to the context root, change the page to a JSP, and use the Struts <html:base> tag.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic