On Thu, Nov 29, 2012 at 1:52 PM, Ernesto Reinaldo Barreiro <
reier...@gmail.com> wrote:

> Hi,
> On Thu, Nov 29, 2012 at 1:38 PM, Karsten Gaul <karsten.g...@exedio.com>wrote:
>> Hi Ernesto,
>> Thanks but this isn't really what I was looking for as it is too simple
>> to remove the Modal Window from the DOM tree and see the already rendered
>> hidden page without entering a PIN.
>> Don't put the hidden content till pin is provided. This way there is no
> way to manipulate client side to access "protected" content. Once pin is
> provided you redirect to same page (and then content is displayed). It is
> resposaability of the page to ensure it is protected (with server side
> state). Is usser does not provides pin or closes the modal you redirect to
> a public page.

Or use AJAX to repaint the "hidden content" of the page.

Regards - Ernesto Reinaldo Barreiro
Antilia Soft
http://antiliasoft.com/ <http://antiliasoft.com/antilia>

Reply via email to