2009/5/12 Tres Seaver <tsea...@palladion.com>: > The server side wouldn't know that: the presence of such a field in the > request is completely independent of any form (e.g., cookies passed long > after logging in).
I understand the issue, but shouldn't the remedy be to avoid ever displaying request data in a public view? \malthe _______________________________________________ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev
