okay - Here are a few reasons - 

*@Anthony* - What exactly is it that you are trying to hide? Can you give 
an example?

Here is the example - 
Please consider the below view page source (form when serialized) line when 
I have filled up a form *using a database for my software BugBuster* in 
this case - This is going to be a *post* method - All the variables are 
shown filled in before the "submit" is actually done. Now it could be very 
easy to pass wrong values using some hacking techniques by malicious people 
(in short, hackers) and send wrong information into the database. 

It is this kind of thing I need to prevent one from doing to my 
application. Please don't get me wrong - I ain't paranoid when it comes 
to security. It's just that I need to make sure that my clients 
feel secure when they are using my application in production (online). I 
don't care if others are able to see parameters for trivial comments posting 
or blogs thereof, but when it comes to enterprise level security, I think 
we should provide such stuff or at least a way to conceal the information 
being passed. 
Even clients feel confident that such things are being taken care of by the 
software itself. I know validations can take care of this to some extent 
but that would eventually be an overkill during post method. And we cannot 
have it for each field anyways. 

*<form action="" enctype="multipart/form-data" method="post">
<table><tr id="issues_ticket_no__row"><td class="w2p_fl">
<label for="issues_ticket_no" id="issues_ticket_no__label">
Ticket No: </label></td><td class="w2p_fw"><input class="string" 
id="issues_ticket_no" name="ticket_no" type="text"
value="" /></td><td class="w2p_fc"></td></tr><tr id="issues_team__row"><td 
class="w2p_fl"><label for="issues_team" 
id="issues_team__label">Team: </label></td><td class="w2p_fw"><select 
class="string" id="issues_team" name="team">
<option value=""></option><option value="Base">Base</option><option 
value="Assets Team">Assets Team</option>
<option value="Wealth Management">Wealth 
Management</option></select></td><td class="w2p_fc">
</td></tr><tr id="issues_date_today__row"><td class="w2p_fl">
<label for="issues_date_today" id="issues_date_today__label">Date Today: 
</label></td>
<td class="w2p_fw"><input class="date" id="issues_date_today" 
name="date_today" type="text" value="2012-03-12" />
</td><td class="w2p_fc"></td></tr><tr id="issues_category__row"><td 
class="w2p_fl">
<label for="issues_category" id="issues_category__label">Category: 
</label></td><td class="w2p_fw">
<select class="string" id="issues_category" name="category"><option 
value="">
</option><option value="Base System">Base System</option></select></td><td 
class="w2p_fc">
</td></tr><tr id="issues_sub_category__row"><td class="w2p_fl">
<label for="issues_sub_category" id="issues_sub_category__label">Sub 
Category: </label></td>
<td class="w2p_fw"><select class="string" id="issues_sub_category" 
name="sub_category"><option value="">
</option><option value="Contact Manager">Contact 
Manager</option></select></td><td class="w2p_fc"></td>
</tr><tr id="issues_manager__row"><td class="w2p_fl"><label 
for="issues_manager" id="issues_manager__label">Manager: 
</label></td><td class="w2p_fw"><select class="string" id="issues_manager" 
name="manager"><option value="">
</option><option value="John Stiefeling">John 
Stiefeling</option></select></td><td class="w2p_fc"></td>
</tr><tr id="issues_developer__row"><td class="w2p_fl"><label 
for="issues_developer" id="issues_developer__label">
Developer: </label></td><td class="w2p_fw"><select class="string" 
id="issues_developer" name="developer">
<option value=""></option><option value="Farzad">Farzad</option><option 
value="Shantanu">Shantanu</option>
</select></td><td class="w2p_fc"></td></tr><tr id="issues_tester__row"><td 
class="w2p_fl">
<label for="issues_tester" id="issues_tester__label">Tester: 
</label></td><td class="w2p_fw">
<select class="string" id="issues_tester" name="tester"><option value="">
</option><option value="Tanvi Potnis">TanviPotnis</option></select></td><td 
class="w2p_fc">
</td></tr><tr id="issues_severity__row"><td class="w2p_fl"><label 
for="issues_severity" id="issues_severity__label">
Severity: </label></td><td class="w2p_fw"><select class="string" 
id="issues_severity" name="severity">
<option value=""></option><option value="Critical">Critical</option><option 
value="High">High</option>
<option value="Low">Low</option><option 
value="Medium">Medium</option><option value="Trivial">Trivial</option>
</select></td><td class="w2p_fc"></td></tr><tr id="issues_status__row"><td 
class="w2p_fl">
<label for="issues_status" id="issues_status__label">Status: 
</label></td><td class="w2p_fw">
<select class="string" id="issues_status" name="status"><option 
value=""></option><option value="AFF">
AFF</option><option value="Acknowledged">Acknowledged</option><option 
value="Approved">Approved
</option><option value="Closed">Closed</option><option value="Code 
Review">Code Review</option>
<option value="Deferred">Deferred</option><option 
value="Fixed">Fixed</option><option value="Open">Open
</option><option value="Other">Other</option><option 
value="Pre-Approved">Pre-Approved</option>
<option value="Re-Opened">Re-Opened</option><option 
value="Tested">Tested</option></select></td>
<td class="w2p_fc"></td></tr><tr id="issues_type__row"><td 
class="w2p_fl"><label for="issues_type" 
id="issues_type__label">Type: </label></td><td class="w2p_fw"><select 
class="string" id="issues_type" name="type">
<option value=""></option><option value="Generic">Generic</option><option 
value="Schema Change">Schema Change</option>
</select></td><td class="w2p_fc"></td></tr><tr 
id="issues_branches__row"><td class="w2p_fl">
<label for="issues_branches" id="issues_branches__label">Branches: 
</label></td><td class="w2p_fw">
<select class="string" id="issues_branches" name="branches"><option 
value=""></option><option value="Mainstream">
Mainstream</option></select></td><td class="w2p_fc"></td></tr><tr 
id="issues_modified_date__row"><td class="w2p_fl">
<label for="issues_modified_date" id="issues_modified_date__label">Modified 
Date: </label></td><td class="w2p_fw">
2012-03-12</td><td class="w2p_fc"></td></tr><tr 
id="issues_created_by__row"><td class="w2p_fl">
<label for="issues_created_by" id="issues_created_by__label">Created By: 
</label></td><td class="w2p_fw">
sysadmin</td><td class="w2p_fc"></td></tr><tr 
id="issues_workspace__row"><td class="w2p_fl">
<label for="issues_workspace" id="issues_workspace__label">Workspace: 
</label>
</td><td class="w2p_fw">Base</td><td class="w2p_fc"></td></tr><tr 
id="issues_description__row">
<td class="w2p_fl"><label for="issues_description" 
id="issues_description__label">Description: </label>
</td><td class="w2p_fw"><textarea class="text" cols="40" 
id="issues_description" name="description" rows="10">
</textarea></td><td class="w2p_fc"></td></tr><tr 
id="issues_checkin_details__row"><td class="w2p_fl">
<label for="issues_checkin_details" 
id="issues_checkin_details__label">Checkin Details: </label>
</td><td class="w2p_fw"><textarea class="text" cols="40" 
id="issues_checkin_details" name="checkin_details" rows="10">
</textarea></td><td class="w2p_fc"></td></tr><tr 
id="issues_comments__row"><td class="w2p_fl">
<label for="issues_comments" id="issues_comments__label">Comments: 
</label></td><td class="w2p_fw">
<textarea class="text" cols="40" id="issues_comments" name="comments" 
rows="10"></textarea></td>
<td class="w2p_fc"></td></tr><tr id="issues_attach_file__row"><td 
class="w2p_fl">
<label for="issues_attach_file" id="issues_attach_file__label">Attach File: 
</label></td><td class="w2p_fw">
<input class="upload" id="issues_attach_file" name="attach_file" 
type="file" /></td><td class="w2p_fc"></td>
</tr><tr id="submit_record__row"><td class="w2p_fl"></td><td 
class="w2p_fw"><input type="submit" value="Save" />
</td><td class="w2p_fc"></td></tr></table><div class="hidden"><input 
name="_formkey" type="hidden" 
value="f5f913dd-2c1d-4d56-85ac-2a4c0b7319f2" /><input name="_formname" 
type="hidden" value="issues/create" />
</div></form>*

--> Also note here I am not exactly trying to lock "View page source" for 
the end users; they may be able to do it as per the browser's default 
functionality, but rather would see something very clean and no parameters, 
like the below pyjamas example view serialized. 

*<html><!-- auto-generated html - you should consider editing and
adapting this to suit your requirements
-->
<head>
<meta name="pygwt:module" content="TimeSheet">
<link rel='stylesheet' href='TimeSheet.css'>
<title>PyJamas Auto-Generated HTML file TimeSheet</title>
</head>
<body bgcolor="white">
<script language="javascript" src="bootstrap.js"></script>
<iframe id='__pygwt_historyFrame' style='width:0;height:0;border:0'></iframe>
</body>
</html>*


--> The above line *<body content="secure">  </body>* is *just a thought*: 
some html tag could be defined or supported in HTML5 or above, or maybe 
even in *web2py 2.0*, that would toggle secure page view and unsecure page 
view ... 
if secure is *True* - users would see some very basic stuff like the above 
pyjamas example when viewing page source 
else as usual - normal view page source (what it shows currently) 

I hope I am clear this time and not causing confusion :) 
Thanks, 

Sincerely, Rahul D (www.flockbird.com)
===================================


On Sunday, March 11, 2012 5:54:23 AM UTC+5:30, pbreit wrote:
>
> Silverlight works on all browsers as far as I know. But I still don't 
> think it's a very smart platform to target for the vast majority of apps.
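
Added example, not part of the original post and not web2py's own code: a plain-Python server-side check of the kind the post calls "validations", applied to a submitted issues/create POST using the option values shown in the form source above. The function name, the field groupings, the text length limit and the rule that an empty selection is rejected are assumptions made for illustration.

```python
import hmac

# Allowed values copied from the <select> options in the posted form source.
ALLOWED = {
    "team": {"Base", "Assets Team", "Wealth Management"},
    "severity": {"Critical", "High", "Low", "Medium", "Trivial"},
    "type": {"Generic", "Schema Change"},
    "branches": {"Mainstream"},
}
# Fields the page renders as plain text, not inputs: the server fills them in.
SERVER_SET = ("created_by", "modified_date", "workspace")
FREE_TEXT = ("ticket_no", "description", "checkin_details", "comments")
MAX_TEXT = 4000  # assumed length limit for free-text fields


def validate_issue_post(post, session_formkey):
    """Return (clean, errors) for a submitted 'issues/create' form.

    `post` is the dict of submitted fields; `session_formkey` is the copy of
    the hidden _formkey value that the server kept when it rendered the form.
    """
    submitted_key = str(post.get("_formkey", "")).encode()
    if not hmac.compare_digest(submitted_key, session_formkey.encode()):
        return {}, {"_formkey": "missing or stale form key"}

    clean, errors = {}, {}
    # Drop-down fields: accept only values the server itself offered.
    for name, allowed in ALLOWED.items():
        value = post.get(name, "")
        if value in allowed:
            clean[name] = value
        else:
            errors[name] = "value not in allowed set"
    # Free text: coerce to str and enforce the length limit.
    for name in FREE_TEXT:
        text = str(post.get(name, ""))
        if len(text) > MAX_TEXT:
            errors[name] = "text too long"
        else:
            clean[name] = text
    # Server-controlled fields are never taken from the request.
    for name in SERVER_SET:
        if name in post:
            errors[name] = "field is set by the server"
    return clean, errors
```

The check gives the same result whether the request comes from the rendered form or is assembled by hand, because it depends only on what reaches the server.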
