aspose file tools*
The moose likes GWT and the fly likes GWT: Security concerns with JSON interpeter Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Frameworks » GWT
Bookmark "GWT: Security concerns with JSON interpeter" Watch "GWT: Security concerns with JSON interpeter" New topic
Author

GWT: Security concerns with JSON interpeter

Ben Souther
Sheriff

Joined: Dec 11, 2004
Posts: 13410

First, sorry for referring to an article that is so short on the details.
http://www.eweek.com/article2/0,1895,2110554,00.asp

Does your book get into any of the security issues with passing JSON objects and how to avoid them using GWT?


Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
Prabhakar Chaganti
author
Ranch Hand

Joined: Nov 30, 2004
Posts: 50
My book does not address any security issues with passing JSON objects. Interesting that they found vulnerabilities in all the JS libs like Yahoo UI, Prototype, Script.aculo.us, Dojo, Moo.fx, jQuery, Rico and MochiKit.

thanks
prabhakar


Packt Author Page (http://www.packtpub.com/author_view_profile/id/120)
Ben Souther
Sheriff

Joined: Dec 11, 2004
Posts: 13410

All but DWR, yes.

Thanks.
Prabhakar Chaganti
author
Ranch Hand

Joined: Nov 30, 2004
Posts: 50
The GWT team has posted an article discussing how GWT handles javascript vulnerabilities:

http://groups.google.com/group/Google-Web-Toolkit/web/security-for-gwt-applications

thanks
prabhakar
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: GWT: Security concerns with JSON interpeter