我们知道,实现页面的跳转有两种方式,一种是通过redirect的方式,一种是通过forward的方式。redirect方式的跳转,系统会在一个新的页面打开要跳转的网页;而forward方式跳转,系统会在原来的页面上打开一个要跳转的网页。所以放到WEB-INF目录下的文件是不允许采用redirect方式的跳转来访问的
<textarea spellcheck="false" style="position: absolute; bottom: -1em; padding: 0px; width: 1000px; height: 1em; outline: none" tabindex="0" readonly=""></textarea>
X
1
We know that there are two ways to implement a page jump, one is through redirect, and the other is through the forward way. Redirect Mode of the jump, the system will open a new page to jump to the page, and forward way to jump, the system will be on the original page to open a page to jump. So files placed in the Web-inf directory are not allowed to be accessed using Redirect-mode jumps .
<Jsp:forward page="/web-inf/jsp/login.jsp" />
JSP is placed in the Webroot directory so that users can access directly, JSP placed in the Web-inf directory must be requested to access.
so it's safe to put the JSP page under Web-inf.
By setting a filter, files placed under Webroot can also be accessed without direct access.
Write a filter to implement the filter interface
General projects are all requirements of concealment, Only ask the customer to access the JSP page instead of directly through the request. If placed under Webroot, you must add a filter to block all access to *.jsp.
as long as the comparison: placed under the Webroot: advantages, clear program structure, easy to encode and maintain, disadvantages, to add filters. put under the Web-inf: advantages, no filters, disadvantages, disrupt the program structure, coding and maintenance trouble points.
Source: http://blog.csdn.net/u013730093/article/details/50216379
Recommendedput it under the webroot .
The difference between JSP pages placed under Webroot or Web-inf