[Seaside] Re: Strategies for bulky renders/updates

Stephan Eggermont stephan at stack.nl
Mon Mar 14 18:36:32 UTC 2011

Milan wrote:
> A potential problem is that it leaks IDs into HTML.
> One could easily guess a valid ID which maps to a database
> object which he normally wouldn't have access to.
> Hm... unless you take special care to obfuscate the ID.

Basic security would be to always use a mapping dictionary
and generate IDs.
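
The mapping-dictionary approach from the reply above, as an added example that is not part of the original post and is not Seaside code: a Python sketch in which each session keeps its own dictionary from generated tokens to database IDs. The class name, function names, the `data-ref` attribute and the sample rows are assumptions made for the illustration.

```python
import html
import secrets


class SessionIdMap:
    """Per-session mapping dictionary: generated token <-> database ID."""

    def __init__(self):
        self._token_to_id = {}
        self._id_to_token = {}

    def token_for(self, db_id):
        """Return the token to emit in HTML for db_id, creating it on first use."""
        token = self._id_to_token.get(db_id)
        if token is None:
            token = secrets.token_urlsafe(16)  # 128 bits from the OS CSPRNG
            self._token_to_id[token] = db_id
            self._id_to_token[db_id] = token
        return token

    def resolve(self, token):
        """Map a token from a request back to a database ID, or None if unknown."""
        return self._token_to_id.get(token)


def render_rows(id_map, rows):
    """Render list items that carry generated tokens instead of database IDs."""
    return [
        '<li data-ref="%s">%s</li>' % (id_map.token_for(db_id), html.escape(label))
        for db_id, label in rows
    ]


# Constructed sample data: (database ID, label) pairs this user may see.
ALICE_ROWS = [(101, "Invoice A"), (102, "Invoice B")]


def demo():
    alice, bob = SessionIdMap(), SessionIdMap()
    markup = render_rows(alice, ALICE_ROWS)
    token = alice.token_for(101)
    return {
        "markup": markup,
        "own_token": alice.resolve(token),     # resolves to 101
        "raw_id_guess": alice.resolve("103"),  # never rendered, so no entry
        "other_session": bob.resolve(token),   # token is unknown to bob's map
    }
```

Only objects that were rendered for a session ever get an entry, so a request can name nothing outside what that session was shown.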

