Security Issue, would not pass my institution's security scanners.
The Web directory list is made publicly accessible folders by default.
As a bandaid, I've added code in the daemon shell script to put index html files with a meta refresh in the affected directories.
It would be nice if this could be configured on the fly with other jetty config with this:
But, a nice hard coded fix would be great in the meantime!