On Jan 8, 2007, at 11:44 AM, Jorge Godoy wrote:
Paul Johnston <[EMAIL PROTECTED]> writes:
The way ASP.NET solves this is the __VIEWSTATE hidden field. The state of the controls is stored in that, and it is protected from tampering using a MAC. As we start to do more complicated things with widget forms, I think a TG equivalent of __VIEWSTATE is inevitable.
Indeed. Any hints on how they implemented that? We can use HMAC for the crypto part; it is available in the standard library...
The easiest way IMO would be to pickle a FormState (unimplemented) object and encrypt that. That object could be extended if a need for something similar arises in the future. However, is it safe to do so? I mean, objects should not be unpickled from untrusted sources because the possibility of remote code execution exists... The pickle docs say:

"Warning: The pickle module is not intended to be secure against erroneous or maliciously constructed data. Never unpickle data received from an untrusted or unauthenticated source."

Would encrypting it make it secure enough?
Alberto
You received this message because you are subscribed to the Google Groups
"TurboGears" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/turbogears?hl=en
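The __VIEWSTATE-style token the thread is circling, as an added example that is not TurboGears, ASP.NET or any poster's code. It uses the HMAC Jorge mentions rather than encryption: what keeps a client-held pickle safe to load is that the server verifies a MAC over the exact bytes before pickle ever sees them, and a key-less client cannot produce a valid tag for a modified or forged payload. Encryption alone does not give that guarantee. The FormState class, SECRET_KEY, the tag-plus-payload token layout and the attacker helpers are assumptions for illustration; the restricted unpickler is a second layer in case the key leaks, and it is the documented pickle.Unpickler.find_class hook, not a TurboGears feature.

```python
import base64
import hashlib
import hmac
import io
import os
import pickle
import secrets

# Hypothetical server-side key: generated per process here; a real app loads a
# persistent key from configuration and never sends it to the browser.
SECRET_KEY = secrets.token_bytes(32)
TAG_LEN = hashlib.sha256().digest_size  # 32-byte HMAC-SHA256 tag


class FormState:
    """Hypothetical stand-in for the FormState object the thread leaves unimplemented."""

    def __init__(self, fields):
        self.fields = dict(fields)

    def __eq__(self, other):
        return isinstance(other, FormState) and self.fields == other.fields


class TamperedState(Exception):
    """Token failed MAC verification; its payload was never handed to pickle."""


class ForbiddenGlobal(pickle.UnpicklingError):
    """Payload referenced a class or function the restricted unpickler does not allow."""


class _RestrictedUnpickler(pickle.Unpickler):
    """Defence in depth: even a correctly MACed payload may only rebuild FormState."""

    def find_class(self, module, name):
        if (module, name) == (FormState.__module__, "FormState"):
            return FormState
        raise ForbiddenGlobal(f"global {module}.{name} is not allowed in form state")


def _mac(key, payload):
    return hmac.new(key, payload, hashlib.sha256).digest()


def encode_state(state, key=SECRET_KEY):
    """Pickle the state and prepend an HMAC-SHA256 tag over the pickle bytes."""
    payload = pickle.dumps(state, protocol=pickle.HIGHEST_PROTOCOL)
    return base64.urlsafe_b64encode(_mac(key, payload) + payload).decode("ascii")


def decode_state(token, key=SECRET_KEY):
    """Verify the tag in constant time, then unpickle with the restricted loader."""
    try:
        raw = base64.urlsafe_b64decode(token.encode("ascii"))
    except ValueError as exc:  # binascii.Error and UnicodeEncodeError are ValueErrors
        raise TamperedState("malformed token") from exc
    tag, payload = raw[:TAG_LEN], raw[TAG_LEN:]
    if not hmac.compare_digest(tag, _mac(key, payload)):
        raise TamperedState("MAC mismatch: token was altered or forged")
    return _RestrictedUnpickler(io.BytesIO(payload)).load()


# Helpers that play the attacker (constructed for the demo, not part of the API).

def tamper_token(token):
    """Flip one bit in the pickled payload while keeping the original tag."""
    raw = bytearray(base64.urlsafe_b64decode(token.encode("ascii")))
    raw[-1] ^= 0x01
    return base64.urlsafe_b64encode(bytes(raw)).decode("ascii")


class _Evil:
    # On load this pickle calls os.getenv(...), a harmless stand-in for the
    # arbitrary callable a real attacker would choose.
    def __reduce__(self):
        return (os.getenv, ("HYPOTHETICAL_UNSET_VAR", "pwned"))


def evil_payload():
    return pickle.dumps(_Evil(), protocol=pickle.HIGHEST_PROTOCOL)


def forge_token(payload, guessed_tag=bytes(TAG_LEN)):
    """Wrap an attacker-chosen payload in a tag made without the key."""
    return base64.urlsafe_b64encode(guessed_tag + payload).decode("ascii")


def restricted_load(payload):
    """Restricted unpickler alone: what a leaked key would leave us with."""
    return _RestrictedUnpickler(io.BytesIO(payload)).load()


def unsafe_load(payload):
    """Plain pickle.loads: executes whatever callable the payload names."""
    return pickle.loads(payload)


if __name__ == "__main__":
    token = encode_state(FormState({"name": "alice", "qty": "3"}))
    print("round trip:", decode_state(token).fields)
    for bad in (tamper_token(token), forge_token(evil_payload())):
        try:
            decode_state(bad)
        except TamperedState as exc:
            print("rejected before unpickling:", exc)
    print("plain pickle.loads ran attacker code and returned:", unsafe_load(evil_payload()))
```

The order of operations is the whole point: base64-decode, compare the tag with hmac.compare_digest, and only then construct an Unpickler. A tampered or forged token fails at the compare step, so the warning in the pickle docs never applies to it. Anything still reachable after a key compromise is bounded by find_class, which is why serializing to JSON instead of pickle is the simpler choice when the state is plain field values.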