Tapestry 5
  1. Tapestry 5
  2. TAP5-963

Allow access to static resources (css, js, jpg, jpeg, png, gif) inside the app package

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 5.1.0.6
    • Fix Version/s: 5.2.0, 5.1.0.7
    • Component/s: tapestry-core
    • Labels:
      None

      Description

      Following should be sufficient:

      • add a contribution like:

      public void contributeRegexAuthorizer(
      final Configuration<String> regex,
      @Symbol(InternalConstants.TAPESTRY_APP_PACKAGE_PARAM) final String appPackageName)

      { final String pattern = "([^/.]+/)*[^/.]+\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif))$"; regex.add("^" + appPackageName.replace(".", "/") + "/" + pattern); }

      • document how to make further resources accessible (e.g. outside the app package)
      • document how to override asset protection defaults

        Activity

        Hide
        Robert Zeigler added a comment -

        Do we really want to open up all paths under app-package? Or perhaps just .pages, .components, .mixins, and subdirectories of those?

        Show
        Robert Zeigler added a comment - Do we really want to open up all paths under app-package? Or perhaps just .pages, .components, .mixins, and subdirectories of those?
        Hide
        Igor Drobiazko added a comment -

        Can you think of any images or css file that are not meant to be public? I can't and suppose it is ok to open up all path under app package.

        Show
        Igor Drobiazko added a comment - Can you think of any images or css file that are not meant to be public? I can't and suppose it is ok to open up all path under app package.
        Hide
        Robert Zeigler added a comment -

        As a matter of fact, I can.
        I have apps with images & css files that are supposed to be accessible only by one set of users or another, based on an affiliated site/location.
        I prefer it if the framework doesn't dictate to me what it thinks should be accessible from the classpath.
        But I appear to be in the minority on this issue, so I'll contribute my own asset path analyzer ahead of regex analyzer to restrict those paths and make things easier for the majority of users that prefer images and css files under app to be accessible by default.

        Cheers,

        Robert

        Show
        Robert Zeigler added a comment - As a matter of fact, I can. I have apps with images & css files that are supposed to be accessible only by one set of users or another, based on an affiliated site/location. I prefer it if the framework doesn't dictate to me what it thinks should be accessible from the classpath. But I appear to be in the minority on this issue, so I'll contribute my own asset path analyzer ahead of regex analyzer to restrict those paths and make things easier for the majority of users that prefer images and css files under app to be accessible by default. Cheers, Robert

          People

          • Assignee:
            Igor Drobiazko
            Reporter:
            Igor Drobiazko
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development