Java: Why put JSP in WEB-INF?

Notice: this page is a Chinese-English parallel translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. You are free to use and share it, but you must likewise follow the CC BY-SA license, cite the original URL and author information, and attribute it to the original authors (not me): StackOverflow original URL: http://stackoverflow.com/questions/6825907/

Time: 2020-10-30 17:26:09  Source: igfitidea

Why put JSP in WEB-INF?

java jsp

Asked by Konrad Garus

I noticed a common pattern is to put JSP pages in WEB-INF folder (as opposed to WAR root). What's the difference? Why is that preferred?

Answered by Bozho

Files in WEB-INF are not visible to the users. It's a bit safer that way.

If (a contrived example) you are including db.jsp, but by itself it throws an exception, a malicious user can open http://yoursite.com/db.jsp and get some insight on your application (worst - the database credentials) from the exception message.

Answered by Sean Owen

I don't think it's a good design pattern, but I believe I can explain the reasoning.

Servlet containers won't serve any content in WEB-INF. By putting your JSPs there, you prevent anyone from directly accessing a JSP by navigating to it in the browser by name. This might be considered good practice, if some of your JSPs are just fragments of code/markup, and not meant to be used directly, and perhaps open some security hole you haven't thought of.

It's still possible to get the container to see and use the JSPs as expected even in WEB-INF.

Answered by yglodt

An extra plus when using a Controller (or Front-Servlet) is that you decouple the URL path from the physical location of the JSP files in your project.

As an example, here is a simple request mapping from a Spring Controller:

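// Handles GET /item/edit; the URL says nothing about where the JSP file lives.
@RequestMapping(value = "/item/edit", method = RequestMethod.GET)
public String getItemEdit(@RequestParam(value = "id", required = false) final String id) {
    // Logical view name only; the ViewResolver turns it into the JSP's path.
    return "itemeditform";
}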

The ViewResolver takes care of mapping the URL to the place where your JSPs reside.

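The mechanism the answers describe, written as a plain servlet front controller: a public URL is looked up in an allow-list and forwarded server-side to a JSP under WEB-INF. This is an added example, not code from any of the answers; the /app/* mapping, the /WEB-INF/jsp/ layout, the itemlist view and the javax.servlet (Servlet 3.0+, Java 9+) environment are assumptions.

```java
import java.io.IOException;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Hypothetical front controller: public URLs under /app/* are mapped to JSPs
// stored under /WEB-INF/jsp/, which the container refuses to serve directly.
@WebServlet("/app/*")
public class FrontControllerServlet extends HttpServlet {

    private static final String PREFIX = "/WEB-INF/jsp/"; // assumed layout
    private static final String SUFFIX = ".jsp";

    // Allow-list of URL path -> logical view name (names are assumptions).
    // The JSP path is never built from request input, so a client cannot
    // steer the forward to an arbitrary file under WEB-INF.
    private static final Map<String, String> VIEWS = Map.of(
            "/item/edit", "itemeditform",
            "/item/list", "itemlist");

    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp)
            throws ServletException, IOException {
        // getPathInfo() is null for a bare "/app" request, and Map.of(...)
        // maps throw NullPointerException on get(null), so check first.
        String path = req.getPathInfo();
        String view = (path == null) ? null : VIEWS.get(path);
        if (view == null) {
            resp.sendError(HttpServletResponse.SC_NOT_FOUND);
            return;
        }
        // Server-side forward: the WEB-INF restriction applies to client
        // requests, not to RequestDispatcher forwards inside the application.
        req.getRequestDispatcher(PREFIX + view + SUFFIX).forward(req, resp);
    }
}
```

With this in place, /app/item/edit renders /WEB-INF/jsp/itemeditform.jsp, while a direct request for that JSP path is refused by the container.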