Exclude URLs
This exclude url's list is used to list all the urls that must be excluded from checking for the XSS attacks.
URL
![*](bullet.png)
Each URL should be relative to the context path and must start with "/".
![*](bullet.png)
The individual url-patterns uses the ANT style patterns for pattern matching.
By default all the urls that have the extensions namly, CSS, JS, PNG, GIF and SWF are excluded.
<exclude-url-patterns>
<url-pattern>/**/*.css</url-pattern>
<url-pattern>/**/*.js</url-pattern>
<url-pattern>/**/*.png</url-pattern>
<url-pattern>/**/*.gif</url-pattern>
<url-pattern>/**/*.swf</url-pattern>
</exclude-url-patterns>