Spring mvc:resources access to outside folder

情书的邮戳 2021-01-19 09:52

I have stored media (pictures and movies) in a folder (for example C:\test\tes.png) and I'm trying to access the pictures with a URL like: http://localhost:8080/app/pic

1 answer
  •  一生所求
    2021-01-19 10:33

    First question: "the mapping"

    I am not 100% sure, but I would guess there is a final / missing for the location. Change it to:

    
    

    Another question: I'm not sure this is the good approach. What are other solutions to access media on an external folder?

    In my humble opinion, it is very bad practice to give a web site user full read access to a folder. Attention: the access is not limited to the folder only; the user can also access all subfolders.

    And even if you decide to ignore this warning, then you must test what happens if someone invokes http://localhost:8080/app/picture/../someFile. I don't know what would happen, but **make 120% sure that nobody can access any file outside the picture folder!** -- I have had a look into the Spring implementation, and it seems that Spring already handles this issue.

    Since Spring 3.2.12, 4.0.8, 4.1.2 the Resource Handler makes sure that you cannot access a folder outside the specified resource folder. (SPR-12354: Directory traversal with static resource handling (CVE-2014-3625))

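The containment check the answer asks for ("nobody can access any file outside the picture folder"), as an added example that is not part of the original post and is not Spring's own code. It assumes the files are served by your own handler using plain `java.nio`; the class name `MediaPathResolver` and the sample file layout are hypothetical.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.InvalidPathException;
import java.nio.file.Path;
import java.util.List;
import java.util.Optional;

// Added example; MediaPathResolver and all file names are hypothetical.
public class MediaPathResolver {
    private final Path root;

    public MediaPathResolver(Path mediaDir) throws IOException {
        // Canonical form of the media folder, symlinks resolved once at startup.
        this.root = mediaDir.toRealPath();
    }

    /** Returns the file to serve, or empty if the request must be answered with 404. */
    public Optional<Path> resolve(String requested) {
        try {
            // normalize() collapses "." and ".." lexically; an absolute "requested"
            // replaces root entirely, which the startsWith check below catches.
            Path candidate = root.resolve(requested).normalize();
            if (!candidate.startsWith(root)) return Optional.empty();
            // toRealPath() follows symlinks and throws if the file does not exist.
            Path real = candidate.toRealPath();
            if (!real.startsWith(root) || !Files.isRegularFile(real)) return Optional.empty();
            return Optional.of(real);
        } catch (IOException | InvalidPathException e) {
            return Optional.empty();
        }
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample layout: <tmp>/media/tes.png and <tmp>/secret.txt
        Path tmp = Files.createTempDirectory("demo");
        Path media = Files.createDirectory(tmp.resolve("media"));
        Files.write(media.resolve("tes.png"), new byte[] {1});
        Path secret = Files.write(tmp.resolve("secret.txt"), new byte[] {2});

        MediaPathResolver resolver = new MediaPathResolver(media);
        for (String req : List.of("tes.png", "../secret.txt", "sub/../../secret.txt",
                                  secret.toString(), "missing.png")) {
            System.out.println(req + " -> " + resolver.resolve(req).map(p -> "serve").orElse("reject"));
        }
    }
}
```

`Path.startsWith` compares whole path elements, so a sibling folder whose name merely begins with the media folder's name does not pass the check the way a string-prefix comparison would.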