Article Topic Learning Download Q&A Programming Dictionary Game Recent Updates

简体中文(ZH-CN) English(EN) 繁体中文(ZH-TW) 日本語(JA) 한국어(KO) Melayu(MS) Français(FR) Deutsch(DE)

Home > php教程 > php手册 > body text

jsp与php混用的漏洞

WBOY

Release： 2016-06-06 19:47:48

Original

1660 people have browsed it

接手一个项目是jsp写的，用起来感觉开发是在太麻烦了。于是新功能就用php写的，jsp、php两者之间相互跳转，突然一天发现在tomcat的web站下打开php竟然显示了php源码，在php站下看jsp也是显示的源码，立即度娘解决问题 apache增加： FilesMatch \.(jsp|inc)

接手一个项目是jsp写的，用起来感觉开发是在太麻烦了。于是新功能就用php写的，jsp、php两者之间相互跳转，

突然一天发现在tomcat的web站下打开php竟然显示了php源码，在php站下看jsp也是显示的源码，

立即度娘解决问题

apache增加：

<filesmatch>
Order Deny,Allow
Deny from all
</filesmatch>

Copy after login

tomcat web.xml增加：

<security-constraint>
                 <web-resource-collection>
			<web-resource-name>Members Only</web-resource-name>
                        <url-pattern>*.php</url-pattern>
                 </web-resource-collection>
                 <auth-constraint></auth-constraint>
         </security-constraint>

Copy after login

重启，访问都回得到403错误

Related labels：

jsp php loopholes use project

source：php.cn

Previous article：常见的 PHP IDE 开发工具汇总 Next article：PHP 中的BOM BUG

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Latest Articles by Author

BlackRock Labels BTC a Unique Diversifier

2024-09-20 15:51:33
Internet Computer (ICP) Price Prediction: Will ICP Price Hit $24?

2024-09-20 15:47:32
Worldcoin (WLD) Price Prediction 2022-23

2024-09-20 15:45:32
Top Meme Coins to Invest In Today

2024-09-20 15:39:32
Floki (FLOKI) Price Prediction: Will the Revamped Marketing Help Floki Catch Up on October Gains?

2024-09-20 15:38:32
Next Cryptocurrency to Explode: 5 Coins to Add to Your Watchlist

2024-09-20 15:27:32
Dogecoin: From an Internet Meme to a Digital Currency with a Billion-Dollar Market Capitalization

2024-09-20 15:26:32
ZChains Unveils a Series of Exciting Updates and Launches to Enhance Its Ecosystem

2024-09-20 15:12:32
How to download the Apple version of Little Fox Payment Platform

2024-09-20 14:53:01
How beginners trade on MetaMask and its advantages and disadvantages

2024-09-20 14:51:01

Latest Issues

function_exists() cannot determine the custom function Function test () {return true;} if (function_exists ('test')) {echo "test is function...

From 2024-04-29 11:01:01

0

2

1512

How to display the mobile version of Google Chrome Hello teacher, how can I change Google Chrome into a mobile version?

From 2024-04-23 00:22:19

0

10

1677

The child window operates the parent window, but the output does not respond. The first two sentences are executable, but the last sentence cannot be implemented.

From 2024-04-19 15:37:47

0

1

1420

There is no output in the parent window document.onclick = function(){ window.opener.document.write('I am the output of the child ...

From 2024-04-18 23:52:34

0

1

1349

Where is the courseware about CSS mind mapping? Courseware

From 2024-04-16 10:10:18

0

0

1397

Related Topics

More>

Popular Recommendations

Popular Tutorials

More>

Related Tutorials

Popular Recommendations

Latest courses

Latest Downloads

More>

Web Effects

Website Source Code

Website Materials

Front End Template

About us Disclaimer Sitemap: php.cn：Public welfare online PHP training，Help PHP learners grow quickly！