|
Maybe he meant Ferris Bueller..... >Buell, not Bueller. <G> > > >------------ >Walden H Leverich III >President >Tech Software >(516)627-3800 x11 >WaldenL@TechSoftInc.com >http://www.TechSoftInc.com > > > >-----Original Message----- >From: Brad Stone [mailto:brad@bvstools.com] >Sent: Tuesday, November 13, 2001 11:52 PM >To: midrange-l@midrange.com >Subject: JSP Security exposure (from usenet) > > >Hey, I just read this on Usenet. I don't recall seeing it here. > >Apparently if you call a JSP and end it with a slash "/" it will show the >source for the JSP. > >ie: >www.myserver.com/runme.jsp > >will function normally. But > >www.myserver.com/runme.jsp/ > >will display the source for the JSP. I haven't tried it, >but the poster on comp.sys.ibm.as400.misc said he has. He didn't mention if >it was for Websphere or Tomcat. > >Anyone... Bueller?
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.