Jorge Godoy <[EMAIL PROTECTED]> writes:
They might be disabled client side as well... The idea is really signaling
that to the server so that it knows. Of course, if a widget has no
"can_be_disabled" attribute or it is false, then it can't be disabled...
The idea of using the hashes is that one would have computed all variations to
the form. Then it would just be a matter of selecting a valid variation. If
one would tamper with the form he'd have to select a valid hash (i.e. a valid
schema) and would be subject to it.
If the hash is invalid -- i.e., it matches no predefined schema -- then the
form is processed as if it had an error (a default schema might be used
here).
--
Jorge Godoy <[EMAIL PROTECTED]>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"TurboGears" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/turbogears?hl=en
-~----------~----~----~----~------~----~------~--~---
