diff -r 7bacc4f21edc -r 797fc2e2fb78 web/webconfig.py
--- a/web/webconfig.py Wed Nov 28 11:44:15 2012 +0100
+++ b/web/webconfig.py Tue Nov 27 14:48:03 2012 +0100
@@ -21,10 +21,12 @@
 _ = unicode
 import os
+import hmac
+from uuid import uuid4
 from os.path import join, exists, split, isdir
 from warnings import warn
-from logilab.common.decorators import cached
+from logilab.common.decorators import cached, cachedproperty
 from logilab.common.deprecation import deprecated
 from cubicweb import ConfigurationError
@@ -272,6 +274,25 @@
 raise ConfigurationError("anonymous information should only contains ascii")
 return user, passwd
+ @cachedproperty
+ def _instance_salt(self):
+ """This random key/salt is used to sign content to be sent back by
+ browsers, eg. in the error report form.
+ """
+ return str(uuid4())
+
+ def sign_text(self, text):
+ """sign some text for later checking"""
+ # replace \r\n so we do not depend on whether a browser "reencode"
+ # original message using \r\n or not
+ return hmac.new(self._instance_salt,
+ text.strip().replace('\r\n', '\n')).hexdigest()
+
+ def check_text_sign(self, text, signature):
+ """check the text signature is equal to the given signature"""
+ return self.sign_text(text) == signature
+
+
 def locate_resource(self, rid):
 """return the (directory, filename) where the given resource may be found
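Review bot: `check_text_sign` compares the computed HMAC with the browser-supplied signature using `==`, which is not constant-time, so verification timing can reveal how much of a submitted value matches. Where the runtime provides it (Python 2.7.7+ / 3.3+), `return hmac.compare_digest(self.sign_text(text), signature)` avoids that, provided both arguments are the same string type. In `sign_text`, `hmac.new` is called without a `digestmod`, which on Python 2 silently selects HMAC-MD5; naming the digest explicitly, e.g. `hashlib.sha256` (needs `import hashlib`), makes the choice visible and reviewable. `_instance_salt` is in effect the HMAC key, yet it comes from `str(uuid4())`, which is an identifier format rather than a key generator; `os.urandom(32)` is the conventional source and `os` is already imported. Because the key is cached on the config object, signatures presumably stop verifying after a restart or in a different worker process, which the docstring should state.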