Arthur Ahiceh wrote: > ok! you have not used the word "easily" but only saying "There are more > hardening options such as encrypting urls" it only seems that encrypting > urls the problem is solved and it is not the case! The user has to > implement a custom security factory, one different than provided by Wicket > (SunJceCrypt), to resolve CSRF. > Come on, I did not (intend to) suggest that URL encryption solves CSRF attacks. It is *another* hardening strategy.
Erik. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]