问题描述

我是Icefaces和Facelets的新手，但我在一个新项目中使用它们。我已经完成了一切配置并且工作正常。但是，当我访问mywebapp / file.xhtml时，整个facelets模板源会出现在我的浏览器中。我怎么能隐藏这个以防止用户查看我的服务器端模板？

I'm new to Icefaces and Facelets both, but I'm using them on a new project. I've got everything working configured and working fine. However, when I visit mywebapp/file.xhtml, the entire facelets template source comes up in my browser. How could I hide this to prevent users from viewing my server-side templates?

推荐答案

将所有模板放入WEB-INF / someDirectory / templates。

Put all templates into WEB-INF/someDirectory/templates.

然后根据facelets文档将其放在web.xml中，用于所有其他xhtml文件：

Then according to the facelets documentation put this inside your web.xml for all other xhtml files:

<security-constraint>
    <display-name>Restrict XHTML Documents</display-name>
    <web-resource-collection>
        <web-resource-name>XHTML</web-resource-name>
        <url-pattern>*.xhtml</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <description>Only Let 'developer's access XHTML pages</description>
        <role-name>someone</role-name>
    </auth-constraint>
</security-constraint>

这篇关于隐藏.xhtml源代码 - facelets / icefaces？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！