i need help with this, i know that in a jsp <bean:message use ApplicationResources.properties to load the information, i know that is important for internationalization
how i can do this , if i have 2 .properties, one in english and other in spanish or french, and i want have in the welcome page (jsp) 2 flags of each country, and when the user clicks one of these, struts can work with the respective .properties file (for the all interaction of the user with the application)
i read some books, but say sadly or teach that the way is changing the properties of the browser.
and what is the difference when i have the folder jsp (all the files, jsp,html,js,css) in and out of the WEB-INF (i.e. tomcat)
thanks a lot for advanced
kill your pride, share your knowledge with all
Alec Lee
Ranch Hand
Joined: Jan 28, 2004
Posts: 568
posted
0
You could forward to an Action in your flag icon and in that Action use Action.setLocale() to modify the Locale.
Manuel Jordan
Ranch Hand
Joined: Sep 29, 2006
Posts: 125
posted
0
thanks man
i will see the respective documentation
thanks for your time
pls what about this
"and what is the difference when i have the folder jsp (all the files, jsp,html,js,css) in and out of the WEB-INF (i.e. tomcat)" [ October 05, 2006: Message edited by: Michael Samuelle ]
RoshaniG Gopal
Ranch Hand
Joined: May 15, 2006
Posts: 180
posted
0
Hi Manuel,
Anything inside the WEB-INF would not be directly accessible by the client. Thus all the clases are put in the WEB-INF to have security. The JSPs can be inside the WEB-INF but clients will be able to access them indirectly via include or forwards.. The other directories(images ,css,etc) which are on level with the WEB-INF would be inaccessible. Therefore unless required we should have them outside the WEB-INF. PS: For using tiles, the layout,etc are kept inside the WEB-INF. Hope it helps
Regards, Roshani
Regards,<br />Roshani
Manuel Jordan
Ranch Hand
Joined: Sep 29, 2006
Posts: 125
posted
0
Hello Roshani
thanks for the reply, i understood your suggestion, its appreciate, the reason of the question was, because in some books use examples and all jsp files are located out of the WEB-INF (tiles, etc etc all related with the presentation), and really few books inside of the WEB-INF
but, i have doubts in this case (my case), if i have a jsp that represents a "form" to fill fields for a customer (names,sex,dates) well the jsp code include 3 .js (utils for events and validation and of course the css) and tiles has been used.
i have already done this but all outside of the WEB-INF.
i guess that the files support js and css and tiles.jsp should be located in the WEB-INF right?
coz if all are outside, the user can see the path of the .js (in the header of the code html generated) and write the url path in the browser and see the code of these files.
i want avoid this option for the user (but in the same time avoid problems of accessing files , they could be locate in the WEB-INF)
i hope that you can clear my doubt
thanks so much for advanced
Regards Manuel
Merrill Higginson
Ranch Hand
Joined: Feb 15, 2005
Posts: 4864
posted
0
Even if you do decide to keep your JSP files inside the WEB-INF directory, it's generally best to put your image files, cascading style sheets, and JavaScript files in directories that are not inside WEB-INF. It is desirable to access these items directly without having to go through a servelt or Struts Action.
thnaks for your reply well i doom to use the js validators outside of the WEB-INF, but ..
please, sorry for my persistence, but where i can learn to work with jsp inside of WEB-INF?? (maybe you know a good book or good url address), i cant give the opportunity to some malicious user to see the validations in js, and go through into the branch of the jsp folder childs
thanks so much for your time
Regards Manuel
Merrill Higginson
Ranch Hand
Joined: Feb 15, 2005
Posts: 4864
posted
0
Security of code has always been an issue with JavaScript. No matter how you deliver your JavaScript code to the browser, whether with .js files, or inside the HTML document, it is always visible to the knowledgeable user. Any good JavaScript debugger will allow someone to read the JavaScript code. As far as I know, there's no way to avoid this. Just assume your JavaScript code is visible, and don't put anything in it that will give away database locations, passwords, or any other confidential information.
JSP's are a different matter. As long as you put your JSPs inside WEB-INF or supply a serlvet filter that disallows access to a URL ending in *.jsp, your JSPs cannot be executed directly by the user. This means that in a Struts application, they must always be accessed through an action. The action can forward to them, but they cannot be accessed directly as a URL.
It doesn't make any sense, though, to try and put a .css file, a .gif file, or a .js file in WEB-INF. These files need to be available to be accessed directly. Even if you did put them in WEB-INF and provide a servlet to render their contents, the contents would still be visible to the user. Doing this would be pointless. [ October 07, 2006: Message edited by: Merrill Higginson ]
Manuel Jordan
Ranch Hand
Joined: Sep 29, 2006
Posts: 125
posted
0
Hello Merrill
thanks so much for your help again
Security of code has always been an issue with JavaScript. No matter how you deliver your JavaScript code to the browser, whether with .js files, or inside the HTML document, it is always visible to the knowledgeable user. Any good JavaScript debugger will allow someone to read the JavaScript code. As far as I know, there's no way to avoid this. Just assume your JavaScript code is visible, and don't put anything in it that will give away database locations, passwords, or any other confidential information.
ok, i understood, case closed
It doesn't make any sense, though, to try and put a .css file, a .gif file, or a .js file in WEB-INF. These files need to be available to be accessed directly. Even if you did put them in WEB-INF and provide a servlet to render their contents, the contents would still be visible to the user. Doing this would be pointless.
ok, i understood, case closed
JSP's are a different matter. As long as you put your JSPs inside WEB-INF or supply a serlvet filter that disallows access to a URL ending in *.jsp, your JSPs cannot be executed directly by the user. This means that in a Struts application, they must always be accessed through an action. The action can forward to them, but they cannot be accessed directly as a URL.
good point, they are the key of any action in a simple ActionClass that be should be controlled with Realm by example (user,roles,etc)
i was very worried about the security of my application because all the files related with the web are outside of the WEB-INF (i use realm, i guess that is enough)
tell me, i have my tiles .jsp outside of the WEB-INF, but the definitions... .xml of course inside of the WEB-INF, i saw in your old post that they should be inside of the WEB-INF, it is really nessesary??
thanks so much for your time
Regards DrPompeii [ October 08, 2006: Message edited by: Manuel Jordan ]
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to
run our stuff on 16 servers instead of 3.
subject: How change internationalization in real time
0
