On 23 mar, 00:42, eggsy <[email protected]> wrote:
> Are there any other ways?
>
> For example if I code a GWT form with username and password and pass
> the values through with the JSONP request as parameters (doing my own
> verification server side) I'm getting the feeling that this would be a
> bad way to do it?
Yup; unless you make your request over SSL/TLS (HTTPS) (but even then,
it would be "bad looking")
You can eventually use HTTP-level authentication (using HTTP Basic --
which sends credentials in the clear, so should be used over SSL/TLS
only-- or HTTP Digest on your server's side), and use an URL such as:
http://user:[email protected]/my.module.nocache.js
> Could people strip/sniff the parameters because they would be in plain
> text??
Over SSL/TLS, no; otherwise, yes.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Google Web Toolkit" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/Google-Web-Toolkit?hl=en
-~----------~----~----~----~------~----~------~--~---
