Hiho SQL injection is only a problem if you write crap code on the server that builds SQL queries as a String rather than a Statement with parameters that one sets. This problem exists for all kinds of web apps if you do the wrong thing and not GWT exclusively. XSS is also caused by writing and not escaping Strings that one has previously received from a user. For example they post a string with some javascript embedded inside which the app writes straight back and is executed by the browser. Do the write thing and the problem disappears...
tya -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
