2 Replies Latest reply on Apr 13, 2007 5:58 PM by spambob

    Page Context & Security


      Regarding page context the reference documentation says:

      The state is actually serialized to the client, so this construct is extremely robust with respect to multi-window operation and the back button.
      (at http://docs.jboss.com/seam/1.2.1.GA/reference/en/html/concepts.html#d0e2569)

      How secure is this serialized state? Is it encrypted somehow - e.g. like the client side state saving - or can most information be retrieved by simply looking at the html source?

      I'm asking because I have a page scoped component that has a few properties I don't won't / can't show to users. So is this secure enough or a big mistake?