Hello all! I've been wondering how secure saveState actually is. To what extent can we trust the values we get back from the client? Are they ciphered with a server key so they can't be tampered with until they get sent back to the server?
Or should I assume a client can tamper with the serialized bean and change its values? That would make me have to retrieve them again from a liable source, thus beating the whole purpose of saveState. I'm an avid user of t:saveState, but I need to know what I can count on. Thank you, Francisco Passos
