This week's book giveaway is in the Jobs Discussion forum.
We're giving away four copies of Customer Requirements for Developers and have Marcho Behler on-line!
See this thread for details.
The moose likes GWT and the fly likes GWT: Security concerns with JSON interpeter Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Customer Requirements for Developers this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Frameworks » GWT
Bookmark "GWT: Security concerns with JSON interpeter" Watch "GWT: Security concerns with JSON interpeter" New topic
Author

GWT: Security concerns with JSON interpeter

Ben Souther
Sheriff

Joined: Dec 11, 2004
Posts: 13410

First, sorry for referring to an article that is so short on the details.
http://www.eweek.com/article2/0,1895,2110554,00.asp

Does your book get into any of the security issues with passing JSON objects and how to avoid them using GWT?


Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
Prabhakar Chaganti
author
Ranch Hand

Joined: Nov 30, 2004
Posts: 50
My book does not address any security issues with passing JSON objects. Interesting that they found vulnerabilities in all the JS libs like Yahoo UI, Prototype, Script.aculo.us, Dojo, Moo.fx, jQuery, Rico and MochiKit.

thanks
prabhakar


Packt Author Page (http://www.packtpub.com/author_view_profile/id/120)
Ben Souther
Sheriff

Joined: Dec 11, 2004
Posts: 13410

All but DWR, yes.

Thanks.
Prabhakar Chaganti
author
Ranch Hand

Joined: Nov 30, 2004
Posts: 50
The GWT team has posted an article discussing how GWT handles javascript vulnerabilities:

http://groups.google.com/group/Google-Web-Toolkit/web/security-for-gwt-applications

thanks
prabhakar
 
Consider Paul's rocket mass heater.
 
subject: GWT: Security concerns with JSON interpeter
 
It's not a secret anymore!