Security Bug in Grails GWT Plugin
30 views
Skip to first unread message
confile
Mar 23, 2014, 5:23:24 PM3/23/14
to grail...@googlegroups.com
I found a security bug in this plugin. The output ouf this plugin is compiled to the grails projects
web-app
> gwt
folder. The gwt folder contains the following folders:
> yourprojectname
> WEB-INF
The WEB-INF folder should not be accessible from a browser. It turns out it is. You can access files which are inside this folder.
This should be fixed.
confile
Apr 5, 2014, 5:21:27 PM4/5/14
to grail...@googlegroups.com
Still no one cares about that?
Ismael Hernández
Apr 6, 2014, 8:05:35 AM4/6/14
to grail...@googlegroups.com
Good morning,
My version of gwt plugin is 0.7.1, my gwt generated files are not in the folder WEB-INF/ , instead of this I get the output in /gwt
As far I remember I didn't need to change any config file.
Inside of my folder /gwt I also have a folder WEB-INF/ but not with web.xml or classe, inside of this WEB-INF I have static htmls files, inside a folder called symbolMaps.
I hope this information helps you
Best regards
Ismael
--
---
You received this message because you are subscribed to the Google Groups "grails-gwt" group.
To unsubscribe from this group and stop receiving emails from it, send an email to grails-gwt+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
confile
Apr 6, 2014, 9:06:16 AM4/6/14
to grail...@googlegroups.com
No it does not help that is what I wrote I have.
Reply all
Reply to author
Forward
0 new messages