This week's book giveaways are in the Jython/Python and Object-Oriented programming forums.
We're giving away four copies each of Machine Learning for Business: Using Amazon SageMaker and Jupyter and Object Design Style Guide and have the authors on-line!
See this thread and this one for details.
Win a copy of Machine Learning for Business: Using Amazon SageMaker and JupyterE this week in the Jython/Python forum
or Object Design Style Guide in the Object-Oriented programming forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Bear Bibeault
  • Paul Clapham
  • Jeanne Boyarsky
  • Knute Snortum
Sheriffs:
  • Liutauras Vilda
  • Tim Cooke
  • Junilu Lacar
Saloon Keepers:
  • Ron McLeod
  • Stephan van Hulst
  • Tim Moores
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Joe Ess
  • salvin francis
  • fred rosenberger

GWT: Security concerns with JSON interpeter

 
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
First, sorry for referring to an article that is so short on the details.
http://www.eweek.com/article2/0,1895,2110554,00.asp

Does your book get into any of the security issues with passing JSON objects and how to avoid them using GWT?
 
author
Posts: 50
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
My book does not address any security issues with passing JSON objects. Interesting that they found vulnerabilities in all the JS libs like Yahoo UI, Prototype, Script.aculo.us, Dojo, Moo.fx, jQuery, Rico and MochiKit.

thanks
prabhakar
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
 
Prabhakar Chaganti
author
Posts: 50
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The GWT team has posted an article discussing how GWT handles javascript vulnerabilities:

http://groups.google.com/group/Google-Web-Toolkit/web/security-for-gwt-applications

thanks
prabhakar
 
Honk if you love justice! And honk twice for tiny ads!
Java file APIs (DOC, XLS, PDF, and many more)
https://products.aspose.com/total/java
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!