[Logo]
Forums Register Login
(ANOTHER) Question from Head First Servlets and JSP's
 

Which statements about disabling scripting are true? (Choose all that apply)

A. You can't disable scripting via the DD.
B. You can only disable scripting at the application level.
C. You can disable scripting programmatically by using the isScriptingEnabled page directive attribute
D. You can disable scripting via the DD by using the <scripting-invalid> element.



Answer from the book: D

My question is why isn't B also part of the answer? The DD is application level and you can ONLY disable scripting through the DD. (isScriptingEnabled page attribute is deprecated)

Am I wrong here?
It says:

B. You can only disable scripting at the application level.

It's not true because you may do it via DD (declarative configuration) or via directive on the JSP page which for me is the mentioned "application level".

Regards,
Krzysztof
but you can't do it via a page directive anymore. isScriptingEnabled page attribute has been removed.

What is your definition of application level? What I have as "application level" in my head is a low level such as the "application scope" or where you define your dtd before you deploy.
[ August 31, 2008: Message edited by: Eurig Jones ]
Sorry, I was thinking about EL which may be enabled by page directive with a isELIgnored param.
The scripting can be disabled only via DD using <scripting-invalid>. Don't know how to disable/enable it in the *.jsp code

Regards,
Krzysztof
Yah you can only disable scripting on DD but it doesnt have to be application level cos you use <url-pattern> to select the sections where you it to be disabled.
But what IS the definition of "Application Level" here exactly?

Is configuring the DD not considered configuring something at the application level?
[ September 06, 2008: Message edited by: Eurig Jones ]
Anyone have any feedback on this?

Thanks in advance,
Eurig
Please check the following web.xml fragment

<jsp-config>
<jsp-property-group>
<url-pattern>*.do</url-pattern>
<scipting-invalid>true</scripting-invalid>
<el-ignored>false</el-ignored>
<jsp-property-group>
<taglib>
<taglib-uri>helloWorld</taglib-uri>
<taglib-location>/WEB-INF/hello.tld</taglib-location>
</taglib>
<jsp-config>


always scripting invalid is specifies for a url-pattern which hence can be to anything from a single JSP to the Entire Web Application.Hence,i feel B cannot be right..
Ahh yes! Thanks Raghavendra.
Wink, wink, nudge, nudge, say no more ... https://richsoil.com/cards


This thread has been viewed 860 times.

All times above are in ranch (not your local) time.
The current ranch time is
May 24, 2018 15:20:53.