![]() ![]() I suspect that ICEFaces has something built in to deal with this but I can't find any information about it. The example they gave was also going through the blockingServlet. The client is also concerned that input parameters are not properly validated providing a entry point for XSS. I have implemented the no-cache headers but that's not exactly solid security. I have a ice:selectOneMenu with a list of cars. Initially I set up a phaseListener to deal with this but the only requests that came through were GETs. In order to avoid browsers caching sensitive information, the clients security guidlines require that POST requests do not return 200 response. How can I set up something similar for this? I don't really understand how icefaces deals with the information stored on a form and how I can ensure that this info is not stored by the browser. icefaces 1.8.2: update a table with many selectOnemenu depending on a selectOnemenu. I have 2 security concerns that my client has come up with and I am stuck. I discovered that the POST request the client's security team were complaining about were ajax calls to the BlockingServlet. In order to avoid browsers caching sensitive information, the client's security guidlines require that POST requests do not return 200 response. I have 2 security concerns that my client has come up with and I am stuck. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |