Learn how to protect your Facelets page code from unauthorized access and source code leakage in the browser.
- [Instructor] So we've created a number…of xhtml files in our JSF application.…In a real world application we'll probably have…a host of other resource files,…style sheets, images and other bits and pieces.…We probably don't want a malicious user…or even a casual browser to access directly.…We certainly don't want our xhtml files displayed…as raw xml in the browser.…This video is the story of source code protection.…
In our worked up xml, we've set up a servlet mapping…for our Faces servlets to intercept…and take control of browser requests…with the Faces URL mapping.…There's really nothing stopping a user…from requesting our JSF pages…without using the URL mapping that we've defined.…What'll happen is they'll just see…the raw xml file, a source code leak…and all it's embarrassments.…Let's see what that looks like.…So this is a logistic JSF page.…
Watch what happens when we remove the Faces URL mapping.…We see raw text in the browser,…viewing the source we see the entire Facelets code.…This can be stopped by adding more…
- Why use JSF?
- How JSF works
- Using managed beans in JSF
- Building a JSF page using Facelets
- Using Ajax support in JSF
- Processing complex data with JSF converters
- Security in JSF
- JSF and third-party component libraries
Skill Level Beginner
1. Web Application Development in JavaEE
2. Build Your First JSF Page
3. Use Managed Beans in JSF
4. Build a JSF Page Using Facelets
5. Use Ajax Support in JSF
6. Process Complex Data with JSF Converters
7. Protect Your Application with JSF Validation
8. Security in JSF
9. Combine JSF with Other Frameworks
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.