Hi, Keith, I think what you mentioned should be ok. Looking at your scenario again, I think you probably just need to pass the data wrapped in objects, something like a DTO (data transfer objects). So, just getter methods for the object, that's sufficient.
Cheers, Jian SimpleWiki in Java and Velocity http://www.jiansnet.com/services/simplewiki.html On Tue, Mar 30, 2010 at 2:18 PM, ChadDavis <chadmichaelda...@gmail.com>wrote: > On Tue, Mar 30, 2010 at 3:11 PM, jian chen <chenjian1...@gmail.com> wrote: > > Sounds like a perfect match for Velocity template engine. > > > > I guess you want to make sure the objects passed into the template won't > > have any methods that the user would execute that could cause damage. > > > > Are there any secrets here? Or is it as simple as: > > 1) only objects that are put in context > 2) only public methods > 3) anything else? > >
