Hello, In one of my RPC, I return the user ID, so it is available client side. The documentation states that we should hash this user ID.
*Note:* Every user has the same user ID for all App Engine applications. If your app uses the user ID in public data, such as by including it in a URL parameter, you should use a hash algorithm with a "salt" value added to obscure the ID. Exposing raw IDs could allow someone to associate a user's activity in one app with that in another, or get the user's email address by coercing the user to sign in to another app. The way it would work is to hash the ID server side and send the hashed ID to the client. When the client send the information back, the server would unhash the ID. My point is that the hash/unhash operations are done on the server. Now what algorithm should I use? Thanks Sydney -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
