> Would the Security component be a solution to this problem? Kind of, but not really. The Security components handles access requests at the HTTP level, and while it can detect and deflect POST requests that don't come from within the application, it is still possible inject form elements or spoof POST data via client-side script.
--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php -~----------~----~----~----~------~----~------~--~---