Thanks for the explanation Anthony. quarta-feira, 27 de Março de 2019 às 02:37:06 UTC, Anthony escreveu: > > What is the more secure way to transfer the modified_on? >> Using >> session.modified_on >> or >> form['hidden'].update(modified_on=form.record.modified_on) >> and then >> request.post_vars.modified_on >> ? >> I ask this because there is an option to make session secure when using >> HTTPS. >> > > If there is some reason you want to keep the modified_on value a secret, > the session will be more secure (the user has no access to the session > data). However, using the session (properly) can be more complex. First, > what happens if the user opens multiple edit forms in different browser > tabs? If you always use the same session key to store the modified_on > value, each new form that is opened will overwrite the value of the > previous form. To prevent that, you would likely want the key to include > the record ID as well. But then you have to worry about deleting old keys > from the session so it doesn't grow indefinitely. If you instead use a form > hidden field, you don't have to worry about any of this. > > Anthony > >
-- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
