(1) Tomcat禁用Put等不安全方法。
1 <security-constraint> 2 <web-resource-collection> 3 <web-resource-name>xxxx-Security-Constraint-0</web-resource-name> 4 <url-pattern>/*</url-pattern> 5 <http-method>PUT</http-method> 6 <http-method>DELETE</http-method> 7 <http-method>HEAD</http-method> 8 <http-method>OPTIONS</http-method> 9 <http-method>TRACE</http-method> 10 </web-resource-collection> 11 <auth-constraint> 12 </auth-constraint> 13 </security-constraint>
参考文档: http://yingfangming.blog.163.com/blog/static/165802470201291622853362/
(2) 常见错误页面定向
1 <error-page> 2 <error-code>404</error-code> 3 <location>/error.jsp</location> 4 </error-page> 5 <error-page> 6 <error-code>500</error-code> 7 <location>/error.jsp</location> 8 </error-page> 9
如果只是这样配置IE浏览器不会重定向,error.jsp里面要写上下面代码,把response的header status code置为200.
<% response.setStatus(200); %>
参考文档: http://origin100.iteye.com/blog/383460 也可以设置按照异常定向。
(3)网站图标
更换ico图标文件。