I'm curious why storing a list in hidden fields, even as ids, isn't
considered a huge security hole. Doesn't it seem like it is just
inviting users to manipulate their application into letting them do
things to entities they shouldn't have access to, etc. I use volatile
wherever I can, despite t
I'm not certain this change happened from 4.1 to 4.1.1 as I'm pretty
sure I never made it. Maybe from 3 -> 4 ?
The list is stored in the form ~specifically~ so that it does match
exactly on render/rewind as anything else would be un-predictable .
You can set volatile=true on your list -> but if y
I just upgraded from Tapestry 4.1 to 4.1.1. Now I'm having some problems with
the For component. It seems that it was changed so that it stores the source
list in hidden fields in the page and uses the stored version on rewind. I can
understand why this might be useful, since it could be problem
