Making static content and JSPs directly accessible
When you deploy static HTML and JSPs, you can choose whether to make them directly accessible from outside the web app. By directly accessible, we mean that a client can enter the path to the resource into his browser, and the server will return the resource. But you can prevent direct access by putting files under WEB-INF or, if you’re deploying as a WAR file, under META-INF.
Note
If the server gets a client request for anything under WEB-INF or META-INF, the Container MUST respond with a 404 NOT FOUND error!
Get Head First Servlets and JSP, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.