Joel Liu's personal annotations on this page
Joel bookmarked
on 2007-04-05
-
It is a sad truth that JavaScript applications are easily left
vulnerable to several types of security exploits, if developers are
unwary. Because the Google Web Toolkit (GWT)
produces JavaScript code, we GWT developers are no less vulnerable to
JavaScript attacks than anyone else. However, because the goal of GWT
is to allow developers to focus on their users' needs instead of
JavaScript and browser quirks, it's easy to let our guards down. To
make sure that GWT developers have a strong appreciation of the risks,
we've put together this article.
This link has been bookmarked by 17 people . It was first bookmarked on 02 Apr 2007, by bkmrkr.
-
-
Unless you do an extremely thorough analysis of both the client and
server, you can't assume a string from your server is safe.
-
-
-
It is a sad truth that JavaScript applications are easily left
vulnerable to several types of security exploits, if developers are
unwary. Because the Google Web Toolkit (GWT)
produces JavaScript code, we GWT developers are no less vulnerable to
JavaScript attacks than anyone else. However, because the goal of GWT
is to allow developers to focus on their users' needs instead of
JavaScript and browser quirks, it's easy to let our guards down. To
make sure that GWT developers have a strong appreciation of the risks,
we've put together this article.
-
Would you like to comment?
Join Diigo for a free account, or sign in if you are already a member.