Hi!
I'd like to know if the links generated by s:link s:button are secure.
for example
| <s:link action="#{AA.method}" value="XXX">
| <f:param name="id" value="#{object.id}" />
| </s:link>
|
is it possible for somebody to copy this link to the browser and modify the
object id in the current session so that he could see the content of other
objects?
Thanks
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4030315#4030315
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4030315
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
