Are there any other ways? For example if I code a GWT form with username and password and pass the values through with the JSONP request as parameters (doing my own verification server side) I'm getting the feeling that this would be a bad way to do it?
Could people strip/sniff the parameters because they would be in plain text?? On Mar 20, 2:17 pm, eggsy <[email protected]> wrote: > Yep I spose thats one way to do it! :) > > On Mar 20, 1:58 pm, Brian <[email protected]> wrote: > > > I'd just send the requests over https. > > > On Mar 20, 4:56 am, eggsy84 <[email protected]> wrote: > > > > Hi all, > > > > Just writing for a bit of advice. > > > > I'm writing a GWT widget that can be deployed anywhere as well as > > > mobiles and it needs to communicate with my server side code and as > > > such the requests are sent using JSONP to avoid any cross site > > > problems. > > > > As its using JSONP in such a way I can't really implement any typical > > > J2EE container based security as you usually would (using the web.xml > > > and securing URL's etc). > > > > Is there any proven way of securing requests? As it happens the > > > application doesn't hold any important information really but its best > > > to start off on a good footing with good secure principles in place? > > > > Has anyone else followed proven methods when implementing a GWT > > > application? > > > > Many thanks all, > > > > Eggsy --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~----------~----~----~----~------~----~------~--~---
