Which statements about disabling scriplets are true?
A:You cant disable scripting via DD B:You can only disable scripting at application level C:You can disable scripting programmatically by using the isScriptingEnabled page directive attribute D:You can disable scripting via DD by using <scripting-invalid> element.
The answer is D. But I think B is also correct. If I use <scripting-invalid> element, it becomes invalid at the application level. Am I right? Please reply
Scripting can be disabled in DD using <scripting-invalid>true</scripting-invalid>. So A is absolutely incorrect . And D is correct. I was asking whether B should also be correct or not
You are right, you can disable the scripting in DD by using the <scripting-invalid>true</scripting-invalid> - the question is tricky, IMHO if you can disable something with a boolean flag you can also enable it also enable it (with the same boolean). and now about the question A and D, they are similar :
A:You cant disable scripting via DD --> yes by using the DD D:You can disable scripting via DD by using <scripting-invalid> element. --> yes
may by Bert & Co tries to test your power of observation
Collins the @page directive isScriptingEnabled in not more actual, I just check the JSP specs (on 1-44) so I don't think that you have any possibility to do this programaticaly.
In my copy of HFSJ, page 338: "You can only disable scripting elements through the DD. The <jsp-property-group> element allows you to disable scripting in selective JSPs by specifying URL patterns to be disabled."
This doesn't have to be an all-or-nothing, application-wide deal. You can disable scripting at the JSP level in the DD!
This is more philosophy but if you have a "disable" feature you need its complementary feature (the enable it) to complete the circle. By example : if you have a stone and a window (from glass) you can say that the rock has one feature it can open the window just throw the stone and break the window - the window is open, but if this feature really useful ?
I accept it like this and if I'll get this question on exam I choose only "the disable" question.
I agree with you. As there is no option available to disable scripting for a particular JSP and the only way to disable scripting is using DD (using <scripting-invalid> tag), we can disable scripting at only application level.
No bnkiran, Mark has given the explanation..In DD you can give selective <scripting-invalid> by <jsp-propery-group> element. Here you specify the url patterns of those jsps where you want to disable scripting. SO this wont be an application level disabling.. I hope I have understood Mark?
Originally posted by bnkiran kumar: I agree with you. As there is no option available to disable scripting for a particular JSP and the only way to disable scripting is using DD (using <scripting-invalid> tag), we can disable scripting at only application level.
That's not what "application level" means. "Application level" means that you'd have to turn it off for the entire application.
I get the impression that you're thinking DD = application level. That's not true. I don't think it's a philisophical matter either. Though many of the DD elements are for the entire application, just as many of the DD elements are for individual components. Some, like the <scripting-invalid> tag and filters, can effect either everything application-wide or just a small subset, depending on how you map it.
Post by:autobot
All of the world's problems can be solved in a garden - Geoff Lawton. Tiny ad:
a bit of art, as a gift, that will fit in a stocking