Tapestry cometd with HTTPS

2017-04-30 Thread Miguel Figueiredo
Hi, I am testing a Tapestry application with HTTPS configuration. I did the dev configuration according to the documentation ( https://tapestry.apache.org/https.html) public void contributeMetaDataLocator(MappedConfiguration configuration) { configuration.add(MetaDataConstants.SECURE_

Re: Tapestry cometd with HTTPS

2017-04-30 Thread Lance Java
tapestry-cometd uses tapestry-offline under the hood to fool tapestry into believing it was invoked via a request / response when it was actually invoked via websockets. I'm guessing you are rendering a link in your websocket flow. You'll need to provide a few extra symbols to render links includi

Tapestry Ajax Security

2017-04-30 Thread abangkis
Hi, with the client-side API release in Tapestry 5.4.2 probably there will be more people that will depend on the tapestry ajax component. So I was wondering what about the security. Since it will be easily manipulated in the client side. In the traditional tapestry page we can rely on Something

Re: Tapestry Ajax Security

2017-04-30 Thread Chris Poulsen
Your means to securing a "traditional tapestry page" (filter based approach) should be sufficient. On Mon, May 1, 2017 at 6:39 AM, abangkis wrote: > Hi, with the client-side API release in Tapestry 5.4.2 probably there will > be more people that will depend on the tapestry ajax component. So I