Prevent directory listing of /VAADIN/widgetsets directory

Alejandro1 · September 25, 2012, 10:47pm

I have an exploded /VAADIN/widgetsets directory and I’d like to prevent directory listing of its contents.

I’m using Jetty, configured with dirAllowed=false which works OK out of the Vaadin context, but within it, I get a directory listing (see for
example
.

fairwin · November 25, 2018, 11:32pm

i am using vaadin 7.3 for the customer’s web site.
a few days ago the site was diagnosed web vulnerabilities.

as you mentioned, contents in /VAADIN/themes directory could be listed.

i’m wondering how to prevent directory listing of /VAADIN/themes directory.