ONJava.com -- The Independent Source for Enterprise Java
oreilly.comSafari Books Online.Conferences.

advertisement

AddThis Social Bookmark Button
Article:
  Migrating to Page Controllers
Subject:   Front controller
Date:   2004-11-07 05:58:20
From:   Ethan
Response to: Front controller

It's true, Java/J2EE webapps have a portable, standard means to limit access to resources (among other useful features); that said, in a non-J2EE webapp you can still prevent people from directly accessing view pages:


1/ use .htaccess to disable bare directory listings. It's tougher for people to access a resource if they don't know what it is.


2/ put a different extension on your view pages (e.g. ".phpv") and use .htaccess to deny access to them. The controller can still access those files because PHP's include() bypasses the Apache request cycle.


1 to 1 of 1
1 to 1 of 1