[ http://mc4j.org/jira/browse/STS-118?page=comments#action_10780 ] Ben Gunter commented on STS-118: --------------------------------
I've been thinking for a while that we need a mechanism for encrypting any value that is to be passed back to the server. For example, if you allow a numeric ID to load an object from a database, you don't want somebody to be able to just poke any value in there that they want. > Allow sourcePage to be encrypted > -------------------------------- > > Key: STS-118 > URL: http://mc4j.org/jira/browse/STS-118 > Project: Stripes > Issue Type: Improvement > Components: Tag Library > Reporter: Jeppe Cramon > Assigned To: Ben Gunter > > We ussually have all JSP's that can't be accessed without going through an > ActionBean stored under /WEB-INF > It would be nice if the _sourcePage parameter could be encrypted (like > fieldsPresent) so that the internal structure isn't visible to the enduser. > No reason to disclose more than necessary ;) > /Jeppe -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://mc4j.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Stripes-development mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/stripes-development
