Hi Erik, that's not a concern for me really - I'm providing static application specific key (not uber secure I know), this let's me have a bookmarkable page even with encrypted key (as enc key does not change).
The issue (more like a feature request :]), is that hybrid encodes/decodes params in different way than CryptedUrlWebRequestCodingStrategy (which uses the more common style of QueryStringUrlCodingStrategy). I imagine, that's the only problem, so perhaps anyone has implemented that already, e.g. with some params encoding/decoding strategy, which could be supplied to hybrid strat (or to crypt strat ;]). cvl Erik van Oosten wrote: > Hi Vytautas, > > You can not encrypt bookmarkable URLs as encryption is done per session. > So if you're URLs need to be secure you are limited to regular Link's. > > Regards, > Erik. > > > > Vytautas Čivilis wrote: >> for the same purpose, one would encrypt QueryStringUrlCodingStrategy. >> >> e.g., if you have /path1/path2/param1/value1 >> and param1/value1 might expose some business logic or security related >> concerns. >> in the same manner as /path1/path2/param1=value1 would >> >> cvl >> >> Johan Compagner wrote: >> >>> why would you encrypt the hybrid? >>> >>> > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
