Comment by [email protected]:
for every one who cares....
http://code.google.com/p/google-web-toolkit/issues/detail?id=2806#c11
"Comment 11 by project member [email protected], Jan 12, 2011
The subject of this issue has drifted somewhat, but work derived from
RpcAuth has been committed to trunk - the basic parts of it will be in 2.2
that can be used to prevent XSRF attacks, and a safe-by-default option will
be available in 2.3."
and its realy there <33
http://code.google.com/p/google-web-toolkit/source/browse/#svn%2Ftrunk%2Fuser%2Fsrc%2Fcom%2Fgoogle%2Fgwt%2Fuser%2Fserver%2Frpc
with other name, and as it seems slightly diffrent usage but it seems to be
there :D
see Xsrf*.java files :)
For more information:
http://code.google.com/p/google-web-toolkit/wiki/RpcAuth
--
http://groups.google.com/group/Google-Web-Toolkit-Contributors
