Details
-
Improvement
-
Status: Closed
-
Major
-
Resolution: Won't Fix
-
5.1.0.5, 5.0.18
-
None
-
None
Description
I request this feature for purpose of the security of website. Currently, I found that users can download tml files by putting ".tml" at the end of URL. Users can do like that because .tml files are put in the webroot folder of the project. To prevent download, I have 2 solutions for this case:
Solution 1: .tml files can be saved anywhere in project, and Tapestry will support the configuration to determine where to save these files.
Solution 2: Save tml file in the WEB_INF folder of project.
I hope that next version of Tapestry will have this option.
Thank you very much.