You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@wicket.apache.org by ak <an...@yahoo.com> on 2008/11/18 22:51:55 UTC
resource mapping and dot in url
Hello,
I have IIS forwarding request to weblogic 10.3 where my wicket-app resides.
We had tough time figuring out why our app wouldn't run as expected when it
is served from IIS. Ajax, js and css failed to load properly. After
strenuous analysis, looks like the problem was with not allowing multiple
dots on the URL string. One of the many request that failed had URL such as
this:
/app/resources/org.apache.wicket.ajax.WicketAjaxReference/wicket-ajax.js
Basically, all the shared resources URL for fetching the CSS and JS were
failed. One solution was to disable a security feature that allows multiple
dots on the URL string. But I am not sure how well this would go with our
server admin's.
Can you advice if there are other prefered ways to get the shared resources
working without the reference having package path on the URL's ?
Thanks,
Andy
--
View this message in context: http://www.nabble.com/resource-mapping-and-dot-in-url-tp20569065p20569065.html
Sent from the Wicket - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: resource mapping and dot in url
Posted by Jeremy Thomerson <je...@wickettraining.com>.
That has only to do with how IIS looks up which script to execute, and
nothing to do with security. It certainly won't matter on a Wicket site -
the "script lookup" is actually the Wicket filter.
--
Jeremy Thomerson
http://www.wickettraining.com
On Wed, Nov 19, 2008 at 8:13 AM, ak <an...@yahoo.com> wrote:
>
> The problem is with security procedures set forth by IIS admin folks.
> Please
> follow this link for more nicer explanation.
> http://forums.iis.net/p/1150133/1872812.aspx
>
> Hope I am making myself clear. Any ideas ?
>
> Thanks,
> Andy
> --
> View this message in context:
> http://www.nabble.com/resource-mapping-and-dot-in-url-tp20569065p20580635.html
> Sent from the Wicket - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> For additional commands, e-mail: users-help@wicket.apache.org
>
>
Re: resource mapping and dot in url
Posted by Erik van Oosten <e....@grons.nl>.
Andy,
If I read this correctly, this is not a security precaution, but a don't
shoot yourself in the foot switch. (Note the 'yourself'.) So if set up
the right way, you don't need this at all. You certainly don't need it
for a Wicket site.
You'll have to do some heavy URL rewriting (or Wicket patching) to get
around this one.
Regards,
Erik.
ak wrote:
> The problem is with security procedures set forth by IIS admin folks. Please
> follow this link for more nicer explanation.
> http://forums.iis.net/p/1150133/1872812.aspx
>
> Hope I am making myself clear. Any ideas ?
>
> Thanks,
> Andy
>
--
Erik van Oosten
http://www.day-to-day-stuff.blogspot.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: resource mapping and dot in url
Posted by ak <an...@yahoo.com>.
The problem is with security procedures set forth by IIS admin folks. Please
follow this link for more nicer explanation.
http://forums.iis.net/p/1150133/1872812.aspx
Hope I am making myself clear. Any ideas ?
Thanks,
Andy
--
View this message in context: http://www.nabble.com/resource-mapping-and-dot-in-url-tp20569065p20580635.html
Sent from the Wicket - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: resource mapping and dot in url
Posted by Martijn Dashorst <ma...@gmail.com>.
What is the security issue of having org.apache.wicket in your url?
Martijn
On Tue, Nov 18, 2008 at 10:51 PM, ak <an...@yahoo.com> wrote:
>
> Hello,
>
> I have IIS forwarding request to weblogic 10.3 where my wicket-app resides.
> We had tough time figuring out why our app wouldn't run as expected when it
> is served from IIS. Ajax, js and css failed to load properly. After
> strenuous analysis, looks like the problem was with not allowing multiple
> dots on the URL string. One of the many request that failed had URL such as
> this:
>
> /app/resources/org.apache.wicket.ajax.WicketAjaxReference/wicket-ajax.js
>
> Basically, all the shared resources URL for fetching the CSS and JS were
> failed. One solution was to disable a security feature that allows multiple
> dots on the URL string. But I am not sure how well this would go with our
> server admin's.
>
> Can you advice if there are other prefered ways to get the shared resources
> working without the reference having package path on the URL's ?
>
> Thanks,
> Andy
>
> --
> View this message in context: http://www.nabble.com/resource-mapping-and-dot-in-url-tp20569065p20569065.html
> Sent from the Wicket - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> For additional commands, e-mail: users-help@wicket.apache.org
>
>
--
Become a Wicket expert, learn from the best: http://wicketinaction.com
Apache Wicket 1.3.4 is released
Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.3.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org