Adriana, When you say your application "crashes" do you mean that the Tapestry error page is displayed?
You can substitute in your own error page, but beyond that, what would you want the behavior to be if invalid data is used? Jonathan On Tue, Jul 28, 2009 at 8:16 PM, Adriana B <albojorq...@yahoo.com> wrote: > > Hi > > I have following issues on Tapestry 4.1.3, wonder if you can help me. > > While submitting the application to some security tests like > > - Modifying sp parameter on url generated by DirectLink > - Removing "hidden" parameters under a form > - Removing if_*** parameters under a form > > our application crashes, is there any way to validate and avoid this? > > Thanks, > Adriana B > -- > View this message in context: > http://www.nabble.com/Tapestry-4.1-How-to-protect-from-%22malicious%22-change-on-parameters--tp24710242p24710242.html > Sent from the Tapestry - User mailing list archive at Nabble.com. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > For additional commands, e-mail: users-h...@tapestry.apache.org > > -- Jonathan Barker ITStrategic
