Re: wicket showing traces that we used wicket is it a problem
by default wicket does not enforce https. it does, however, give you an easy way to switch - just google it. -igor On Mon, May 23, 2011 at 9:02 PM, hariharansrc wrote: > i am just a beginner so i am just asking, it may cause a problem if any > security holes we found, other than that i am worrying about nothing. I > feel very comfortable to use java in development especially wicket and > hibernate. So, i have no plan to switch to .net or php at any cost. Even > will just make my friends also to use wicket and java because of its ease. > thank you for replies > > then i am having a another small clarification > > whenever i deploy a application using wicket i get https i am using > websphere server is it the default mode of wicket or it is because of any > other reason. how to switch between https and http. is it something related > with stateful nature of wicket > > > -- > View this message in context: > http://apache-wicket.1842946.n4.nabble.com/the-html-pages-showing-traces-that-we-used-wicket-is-it-a-problem-tp3540810p3546099.html > Sent from the Users forum mailing list archive at Nabble.com. > > - > To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org > For additional commands, e-mail: users-h...@wicket.apache.org > > - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: wicket showing traces that we used wicket is it a problem
i am just a beginner so i am just asking, it may cause a problem if any security holes we found, other than that i am worrying about nothing. I feel very comfortable to use java in development especially wicket and hibernate. So, i have no plan to switch to .net or php at any cost. Even will just make my friends also to use wicket and java because of its ease. thank you for replies then i am having a another small clarification whenever i deploy a application using wicket i get https i am using websphere server is it the default mode of wicket or it is because of any other reason. how to switch between https and http. is it something related with stateful nature of wicket -- View this message in context: http://apache-wicket.1842946.n4.nabble.com/the-html-pages-showing-traces-that-we-used-wicket-is-it-a-problem-tp3540810p3546099.html Sent from the Users forum mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: wicket showing traces that we used wicket is it a problem
I can only imagine it fits in the "security through obfuscation" category. "If they don't know it's Wicket, they won't think to use a Wicket exploit on it!". At any rate, I'd be more worried about the fact that you're running it in a Java VM than the fact that the front-end of it is generated by Apache Wicket. If anything is going to be exploitable to do anything useful, it's going to be the VM. Or more likely, your own code. Don't get sucked into this obfuscation crap. It buys you nothing. But if you must, feel free to mount your pages with a .php extension and exhaust all the script kiddie's patience in his attempts at SQL injection. On 23 May 2011, at 20:56, Igor Vaynberg wrote: > thousands of applications show they use php with .php extensions. > thousands more show that they use jsp by .jsp extensions, and a lot > more show they use struts with a .do extension. why does it matter? > > -igor > > On Sat, May 21, 2011 at 9:01 AM, hariharansrc wrote: >> >> >>Wicket form >> >> >> >> >> >> >> >> > action=";jsessionid=90C6F4DC17391001C2B5A3575453976D?wicket:interface=:0:form::IFormSubmitListener::">> style="width:0px;height:0px;position:absolute;left:-100px;top:-100px;overflow:hidden">> type="hidden" name="id1_hf_0" id="id1_hf_0" /> >> >> >> helloworld >> >> >> >> >> >> >> >> this is the html code i got for a simple program using ajax it shows many >> traces that we used wicket i am imagining is it cause any problem to reveal >> what we actually used to the users. >> >> >> -- >> View this message in context: >> http://apache-wicket.1842946.n4.nabble.com/wicket-showing-traces-that-we-used-wicket-is-it-a-problem-tp3540810p3540810.html >> Sent from the Users forum mailing list archive at Nabble.com. >> >> - >> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org >> For additional commands, e-mail: users-h...@wicket.apache.org >> >> > > - > To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org > For additional commands, e-mail: users-h...@wicket.apache.org > - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: wicket showing traces that we used wicket is it a problem
thousands of applications show they use php with .php extensions. thousands more show that they use jsp by .jsp extensions, and a lot more show they use struts with a .do extension. why does it matter? -igor On Sat, May 21, 2011 at 9:01 AM, hariharansrc wrote: > > > Wicket form > > > > > > > > action=";jsessionid=90C6F4DC17391001C2B5A3575453976D?wicket:interface=:0:form::IFormSubmitListener::"> style="width:0px;height:0px;position:absolute;left:-100px;top:-100px;overflow:hidden"> type="hidden" name="id1_hf_0" id="id1_hf_0" /> > > > helloworld > > > > > > > > this is the html code i got for a simple program using ajax it shows many > traces that we used wicket i am imagining is it cause any problem to reveal > what we actually used to the users. > > > -- > View this message in context: > http://apache-wicket.1842946.n4.nabble.com/wicket-showing-traces-that-we-used-wicket-is-it-a-problem-tp3540810p3540810.html > Sent from the Users forum mailing list archive at Nabble.com. > > - > To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org > For additional commands, e-mail: users-h...@wicket.apache.org > > - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: wicket showing traces that we used wicket is it a problem
this is the html code i got for a simple program using ajax it shows many traces that we used wicket i am imagining is it cause any problem to reveal what we actually used to the users. It also shows traces that you are using JQuery. That might reveal you are too lazy to code every line of javascript by hand. - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
wicket showing traces that we used wicket is it a problem
Wicket form helloworld this is the html code i got for a simple program using ajax it shows many traces that we used wicket i am imagining is it cause any problem to reveal what we actually used to the users. -- View this message in context: http://apache-wicket.1842946.n4.nabble.com/wicket-showing-traces-that-we-used-wicket-is-it-a-problem-tp3540810p3540810.html Sent from the Users forum mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
