Re: Security of t:formdata

2008-06-23 Thread Martijn Brinkers (List)
Using ClientPersistentFieldStorage (t:state:client parameter) you can 'inject' arbitrary serializable objects so it would be easy to 'inject' a huge byte array that consumes all memory. Securing this with an HMAC would not be that hard because it only requires changes to Base64ObjectInputStream. I th

Re: Security of t:formdata

2008-06-23 Thread Ivan Dubrov
Howard Lewis Ship wrote: Although you could use this technique (severe hacking of t:formdata) to control what ComponentAction was instantiated at what point in the form submission, the security effects of this are minimal; Tapestry includes only a finite set of ComponentAction classes and each ha

Re: Security of t:formdata

2008-06-20 Thread Andreas Andreou
http://www.hdiv.org/
I've never used this but if its performance is as good as they say, it holds a lot of promise IMHO
On Fri, Jun 20, 2008 at 11:57 PM, Howard Lewis Ship <[EMAIL PROTECTED]> wrote:
> Although you could use this technique (severe hacking of t:formdata)
> to control what Component