Not disagreeing -- makes sense -- but just curious, how/when do you use this on the Client side? The Server side sets this if the request has come in via https: or riap:, and that's where I usually need to interrogate it. On Tue, Oct 21, 2008 at 8:56 AM, Kevin Conaway <[EMAIL PROTECTED]>wrote:
> When making a Client call, I think it would be helpful to set the > "confidential" attribute on the Request for the user based on the Protocol. > I.e., if I'm using the HTTPS protocol, I shouldn't have to remember to set > the confidential attribute to true on every Request. I'm not where the best > place to make that decision is though > > Is there a situation where you would be using HTTPS or a similar secure > protocol but the Request would not be confidential? > > Thanks, > > Kevin >
