Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I have a java app with basic servlets and jsp. Now I tried to download the source using HTTrack software which download the sources online. Anyhow, complete app was not downloaded with that one but still i feel that its not secure as few of files were downloaded, I want to secure it completely in such a way that the client should not be able to download any of the files. How can be this achieved? Someone throw some light on this please.
By source if you mean HTML, CSS and Javascript then you can’t stop them being downloaded. That is the whole point of HTTP model. The client requests a page from server and then it is downloaded to client’s machine.
But I don’t think even HTTrack will be able download Java or JSP source code if you have placed them properly within WEB-INF/ directory.
Best way to avoid client download is making use of Applets or Flex which eliminates HTML, CSS and Javascript so that the client will be downloading an Applet or Flex application only.
Applets can be signed using Jarsigner so that they can be secured and Flex applications can be obfuscated so that source code is not visible.