Security Vulnerability as the properties and js files are visible in browser - SmartClient Forums

You need to login (link above) before you can post. If you do not yet have an account, please register.

X

satya_paul

Registered Developer

Join Date: Mar 2015

Posts: 133
#1

Security Vulnerability as the properties and js files are visible in browser

8 Feb 2017, 03:07

Hi,

A malicious user enters the following URL https://host:port/context/isomorphic/locales/frameworkMessages.properties in the address bar of the browser and clicks on the 'Enter' button: The file is visible in the browser. Similarly other files like javascript files are visible. Is there anything that can be done to prevent this ? Also, is there any harm is showing these files to anonymous users.

Please reply.
Tags: None
Isomorphic

Administrator

Join Date: May 2006

Posts: 54567
#2

8 Feb 2017, 03:10

Of course not. The .properties file you refer to is string constants and error messages, which, like the JavaScript code, is the same for any application deployed on our product, and is free for anyone to download from smartclient.com.
Comment
satya_paul

Registered Developer

Join Date: Mar 2015

Posts: 133
#3

9 Feb 2017, 03:02

Thank you.
Comment

Previous template Next

Working...

X