Yesterday, I was reading Kevin Yank's internet browser tip in the SitePoint.com newsletter #12 about how to view source code. Kevin stated ...
By typing "view-source:" followed by a normal URL, you can instruct your browser to display the code for the specified file instead of loading it into the browser window!
He also gives the example --
My concerns about security are the MySQL database 'config' files that contain the database name and database password. It appears that these files can be viewed directly with this method if you know what the name might be.
I invite comments regarding this issue or experience in this area. I'm concerned about hackers .