What is a hacker going to get from a URL like "/somepage"? -- Jeremy Thomerson http://www.wickettraining.com
On Mon, May 10, 2010 at 2:06 PM, Fernando Wermus <[email protected]>wrote: > Igor, > Wicket in Action explains > "... Using this code, Wicket will encrypt all your URLs—including > bookmarkable URLs. ...". > > I need fixed entry point for my stateless page, but not readable for > humans, because some hacker would like to extract all the information from > the site. > > How can I achieve this? > > > On Mon, May 10, 2010 at 4:01 PM, Igor Vaynberg <[email protected] > >wrote: > > > afair crypted strategy only encodes non-bookmarkable urls. it does not > > encode bookmarkable urls because those are meant as entrypoints into > > your application. > > > > -igor > > > > On Mon, May 10, 2010 at 11:38 AM, Fernando Wermus > > <[email protected]> wrote: > > > Hi all, > > > I create a PagingNavigator stateless. Instead of using a model to > have > > > the number page shown, my StatelessPagingNavigator shows the number > > through > > > parameters. I hope that the page number wouldnt have been showed using > > > CryptedUrlWebRequestCodingStrategy, but It does. This is rather weird; > I > > > hope any could point me out some solution. Is my class written wrongly > in > > > some way? > > > > > > > > > public class StatelessPagingNavigator extends PagingNavigator { > > > private static final long serialVersionUID = 3576836044400027436L; > > > > > > public StatelessPagingNavigator(String id, DataView dataView) { > > > super(id, dataView); > > > } > > > > > > @Override > > > protected Link newPagingNavigationIncrementLink(final String id, > > IPageable > > > pageable, int increment) { > > > * **PageParameters p=new PageParameters();* > > > * > > > * > > > * **p.add("increment", String.valueOf(increment));* > > > * **p.add("pageNumber", String.valueOf(pageable.getCurrentPage()));* > > > Link link= new BookmarkablePageIncrementLink(id, pageable, > > > getPage().getClass(), p){ > > > private static final long serialVersionUID = 1L; > > > > > > public boolean isEnabled() > > > { > > > return super.isEnabled() && StatelessPagingNavigator.this.isEnabled() > && > > > StatelessPagingNavigator.this.isEnableAllowed(); > > > } > > > }; > > > return link; > > > } > > > > > > @Override > > > protected Link newPagingNavigationLink(final String id, final IPageable > > > pageable, int pageNumber) { > > > * **PageParameters p=new PageParameters();* > > > * **p.add("pageNumber", String.valueOf(pageNumber));* > > > return new BookmarkablePagingNavigationLink(id, pageable, > > > getPage().getClass(), p){ > > > private static final long serialVersionUID = -3076648671049640420L; > > > > > > public boolean isEnabled() > > > { > > > //return false; > > > return super.isEnabled() && StatelessPagingNavigator.this.isEnabled() > && > > > StatelessPagingNavigator.this.isEnableAllowed(); > > > } > > > }; > > > } > > > > > > @Override > > > protected PagingNavigation newNavigation(final IPageable pageable, > final > > > IPagingLabelProvider labelProvider) { > > > return new PagingNavigation("navigation", pageable, labelProvider) { > > > private static final long serialVersionUID = 1102823179571300337L; > > > > > > @Override > > > protected Link newPagingNavigationLink(final String id, final IPageable > > > pageable, int pageIndex) { > > > * **PageParameters p=new PageParameters();* > > > * **p.add("pageIndex", String.valueOf(pageIndex));* > > > return new BookmarkablePagingNavigation(id, pageable, > > getPage().getClass(), > > > p){ > > > private static final long serialVersionUID = -3076648671049640420L; > > > > > > public boolean isEnabled() > > > { > > > return super.isEnabled() && StatelessPagingNavigator.this.isEnabled() > && > > > StatelessPagingNavigator.this.isEnableAllowed(); > > > } > > > }; > > > } > > > }; > > > } > > > } > > > > > > thanks in advance > > > > > > -- > > > Fernando Wermus. > > > > > > www.linkedin.com/in/fernandowermus > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [email protected] > > For additional commands, e-mail: [email protected] > > > > > > > -- > Fernando Wermus. > > www.linkedin.com/in/fernandowermus >
