0

I have a web application hosted in Apache Tomcat I am looking for apache configuration to restrict downloading exe's when I hit the URL

when I hit http://<server_name>/abc/xyz.exe application works normally if appended with append '/' to the end.. like http://<server_name>/abc/xyz.exe\ the junk executable xyz.exe is downloaded on to the browser

Here is my web.xml content

  <init-param>
    <param-name>_webengine0</param-name>
    <param-value>web:local</param-value>
  </init-param>
  <init-param>
    <param-name>web:local</param-name>
    <param-value>pdmweb.exe</param-value>
  </init-param>

can you please let me know if there is any apache configuration to be placed to restrict file downloads (specifically .exe) from application

Bharath
  • 11
  • 5
  • Does that mean you're installing a Java Webserver (tomcat) to execute Windows Binaries? I've never heard of such a setup. You might want to provide a [mcve], see [ask] – Olaf Kock Jun 17 '22 at 12:39
  • looks like a duplicate of [Servlet mapping: url-pattern for URLs with trailing slash](https://stackoverflow.com/questions/4377541/servlet-mapping-url-pattern-for-urls-with-trailing-slash) , please close your post if so. – Eugène Adell Jun 18 '22 at 11:16
  • No Olaf, My requirement is not to download windows binaries ... i am looking for apache configuration to restrict downloading exe's when i hit the url ... when i hit `http:///abc/xyz.exe` application works normally problem is when i append '/' to the end.. like `http:///abc/xyz.exe/` – Bharath Jun 20 '22 at 10:51
  • That's a tiny snippet of web.xml (not really fitting the [mcve] approach: it's minimal, but not reproducible)- while I'm not asking for all of the file, to me it's unclear what you're configuring with these `init-param`s. And again, using Tomcat to execute Windows Binaries sounds quite counterintuitive (I can't imagine what else you're doing with them if you're not offering them for download) – Olaf Kock Jun 20 '22 at 11:25
  • Olaf, my intent is not to download the exe file ....my exe contains an jsp page which is the starting login page of my application. I wanted the jsp to display the login... But Ironically when i just mistakenly adds an '/' to the end the url .... the exe is getting downloaded thru browser – Bharath Jun 20 '22 at 12:47

0 Answers0