Have you tried to add: <inherits name="com.google.gwt.user.RemoteServiceObfuscateTypeNames">
to your module descriptor? Am Donnerstag, 23. Juli 2015 07:22:29 UTC+2 schrieb Dave Y: > > Hi, > > My test team try to hack on the system, they found out that GWT-RPC call > returned a sensitive information (class name as highlighted in blue as > below) in response format "//EX" message. I'm amazed that I can't find any > postings on this issue. > > HTTP Request (Request payload): > *7|0|5|http://localhost:8080/Test_Web/|14B8AB60CF9C73722670313BAE18D294| > <http://localhost:8080/Test_Web/%7C14B8AB60CF9C73722670313BAE18D294%7C>abc|abc|abc|1|2|3|4|1|5|0|* > > > HTTP Response: > >> >> *//EX[2,1,["com.google.gwt.user.client.rpc.IncompatibleRemoteServiceException/3936916533","This >> > application is out of date, please click the refresh button on your > browser. ( Blocked attempt to access* > *interface 'abc', which is not implemented by > 'com.testProject.client.customerClassService'; this is either > misconfiguration or a hack attempt)"],0,7]* > >> >> > Specially the part that says "either misconfiguration or a hack attempt". > In my case is hack attempt as HTTP Response, because the exception states > that *'abc' *is not implemented by > * 'com.testProject.client.customerClassService'*. > > Any ideas to hide the sensitive information (class name as highlighted in > blue) in the error message as above ? I try with all browsers available it > is not from the browser. > > Urgent. Any help will be appreciated. > Thanks. > > -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/google-web-toolkit. For more options, visit https://groups.google.com/d/optout.
