I am trying to prevent directory traversal attack on my jsp. As well as sanitising the URL parameters, I want to not expose the directory structure altogether. Is there a way for me to hide/alter the path that the user sees and also in the source code properly?
Hiding href path on hover and source code
427 views Asked by obsessiveCookie At
1
There are 1 answers
Related Questions in JAVA
- I need the BIRT.war that is compatible with Java 17 and Tomcat 10
- Creating global Class holder
- No method found for class java.lang.String in Kafka
- Issue edit a jtable with a pictures
- getting error when trying to launch kotlin jar file that use supabase "java.lang.NoClassDefFoundError"
- Does the && (logical AND) operator have a higher precedence than || (logical OR) operator in Java?
- Mixed color rendering in a JTable
- HTTPS configuration in Spring Boot, server returning timeout
- How to use Layout to create textfields which dont increase in size?
- Function for making the code wait in javafx
- How to create beans of the same class for multiple template parameters in Spring
- How could you print a specific String from an array with the values of an array from a double array on the same line, using iteration to print all?
- org.telegram.telegrambots.meta.exceptions.TelegramApiException: Bot token and username can't be empty
- Accessing Secret Variables in Classic Pipelines through Java app in Azure DevOps
- Postgres && statement Error in Mybatis Mapper?
Related Questions in JSP
- Unable to compile the class for JSP in tomcat 8.5.95
- Liberty doesn't compile JSP
- Why ${message} appear as it is in View and not the real message passed in Spring MVC controller
- How can i connect my 4 objects in my jsp file so it can run perfectly
- An error occurred: Cannot run program "C:\Users\ford\AppData\Local\Programs\Python\Python311\python.exe": CreateProcess error=5, Access is denied
- Issue with dropdown menu in the jsp page(cannot import the choice in the db)
- java.lang.ClassNotFoundException: org.apache.jsp.WEB_002dINF.jsp.ImportTab_jsp
- javascript function changes when used with jsp
- Database ConnectionError
- Where should i place my index.jsp and index.jsp1 for my app to run in tomcat app
- How to fix checkmarx reflected XSS attack in JSP page?
- JSP: "object cannot be resolved to a variable" when used in nested tag
- How to use JSTL in JSP: jakarta.servlet.ServletException: java.lang.NoClassDefFoundError: javax/servlet/jsp/tagext/TagLibraryValidator
- How to setup jsp Pages on a Webserver
- File uploaded from jsp is not making it to servlet
Related Questions in PATH
- How to write a clickable link in VS Code terminal that points to a multiline range?
- Can't run Python's mapscript because of a missing DLL
- How change path to my new generated webp image in index.html?
- Correct way to compare file paths when one is canonical and other absolute
- make Error 2, The system cannot find the file specified
- Tkinter treeview displaying and selecting rows question
- Running clang64.exe or mingw64.exe incorrectly sets PATH
- Python project deployment on Ubuntu 18 server
- FileNotFoundError while trying to load dataset from drive
- Powershell Receive-File issue
- BlendMode does not work as expected with a path and circle in Jetpack Compose
- return all paths in a nested dictionary that also contains a list in python
- How to show and change Image inside a Flask Route?
- What is vue router :matchRest(.*)* and when should I use it?
- Cassandra Installation Issue on Windows 11- 64bit
Related Questions in HREF
- Angular 17 standalone link for the other section of the page on the same page
- Using WGET to Get Links on the Page
- How do I echo a PHP variable into a href attribute for a stylesheet
- How do I pass a query through a Link href in reactjs/nextjs?
- Obtain href links from first table in headless browser page (playwright._impl._errors.Error: Event loop is closed! Is Playwright already stopped?)
- URL to search in user's preferred search engine
- Adding href and id property leads to framing error
- How to change links in list.js pagination to from href="#" to href="?page="?
- Why does facebook business login for instagram get stuck at connect to instagram?
- the href "tel:" and "mailto:" are not clickable on Google Search app (iOS) on website
- Trying to create ol of urls
- img adress linked in href tag not opened in chrome
- Special character (Æ, Ø, ø, Å, å, Ä, ä, Ö, ö) in downloaded word file getting formatted to ASCI values in javascript
- "How to open one's Word application with a file through the browser using PHP HTML CSS?
- Why is my href directory not working in my reactjs project?
Related Questions in COPY-PROTECTION
- Export password protected PDF from QGIS
- Protect application that uses time from a website as license key
- How to protect HTML5 canvas assets (images/audio)?
- nsis : how to protect files extraction from 7zip file manager
- Is there anyway to make a Powerpoint file downloadable and readable but not editable?
- How can I prevent loadstring from getting hooked like this
- Licensing - How do I protect Python code using a password or other form of authentication?
- is it possible to install copy protection in a telegram bot?
- Protect WebAssembly (wasm) files from tampering. Runtime checksum?
- Keeping Python Code Private On Controlled Linux Server
- Best Way to Obfuscate My DL Models and Python?
- How to protect my file from sending to skype or upload to cPanel
- How to call a internet Python script from another local Python script
- How to implement Document protection for a part of the Document?
- Protecting the Excel Workbook from copying between computers
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
One approach is to place your JSPs under the WEB-INF folder. The servlet engine will restrict direct access to any files under the WEB-INF folder, which achieves your goal.
To be able to use this approach, all your links and form actions should map to servlets or a similar component in the framework you're using (e.g. actions in Struts, controllers in Spring MVC, etc.). You cannot expose direct links to JSP pages (which is a bad idea anyway).
For example, if you're using Spring MVC, the link will point to a URL which is mapped to a Controller. The controller will retrieve the data required to be displayed on the JSP and then forwards to the JSP (using the appropriate Spring MVC approach).
HTH