Securing Web-application state stored on the clients and a lesson in ease of development using cryptography