On Tue, 28 Feb 2012 16:15:17 -0300, George Christman
<gchrist...@cardaddy.com> wrote:
Thanks Thiago, this is the method I ended up implementing. I wasn't sure
if there was a better way of handling this. I'm using a custom component
that uses a hidden field, do you feel there will be any kind of security
risk
publishing the concatenated id in the hidden field, or do you think they
should be encoded?
As long as they aren't data that can be disclosed (such as credit card
numbers) and your webapp always check if user x is really allowed to make
operation y in object z, I don't think so.
--
Thiago H. de Paula Figueiredo
Independent Java, Apache Tapestry 5 and Hibernate consultant, developer,
and instructor
Owner, Ars Machina Tecnologia da Informação Ltda.
http://www.arsmachina.com.br
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
