Forum:

GWT: Security concerns with JSON interpeter

Ben Souther

Sheriff

Posts: 13411

I like...

posted 18 years ago

Number of slices to send:

Optional 'thank-you' note:

Send

First, sorry for referring to an article that is so short on the details.
http://www.eweek.com/article2/0,1895,2110554,00.asp

Does your book get into any of the security issues with passing JSON objects and how to avoid them using GWT?

Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf

Prabhakar Chaganti

author

Posts: 50

posted 18 years ago

Number of slices to send:

Optional 'thank-you' note:

Send

My book does not address any security issues with passing JSON objects. Interesting that they found vulnerabilities in all the JS libs like Yahoo UI, Prototype, Script.aculo.us, Dojo, Moo.fx, jQuery, Rico and MochiKit.

thanks
prabhakar

Packt Author Page (http://www.packtpub.com/author_view_profile/id/120)

Ben Souther

Sheriff

Posts: 13411

I like...

posted 18 years ago

Number of slices to send:

Optional 'thank-you' note:

Send

All but DWR, yes.

Thanks.

Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf

Prabhakar Chaganti

author

Posts: 50

posted 18 years ago

Number of slices to send:

Optional 'thank-you' note:

Send

The GWT team has posted an article discussing how GWT handles javascript vulnerabilities:

http://groups.google.com/group/Google-Web-Toolkit/web/security-for-gwt-applications

thanks
prabhakar

Packt Author Page (http://www.packtpub.com/author_view_profile/id/120)