Callback State Encryption
This option specifies whether the control state information passed to the client side is protected by encryption.
<configuration> ... <devExpress> ... <settings protectControlState="true" /> ... </devExpress> ... </configuration>
In order to use the DevExpress Web.config section, register this section group beforehand.
This option is enabled by default.
For security reasons we do not recommend you to set this option to false.
AJAX-enabled DevExpress web components can coordinate their server and client-side representations by passing fragments of their state (callback state) to the client in response to client callbacks. This option allows you to specify whether or not the callback state should be encrypted.