Hi , I am trying to add XSRF protection to my app using the newly introduced method in 2.3 http://code.google.com/webtoolkit/doc/latest/DevGuideSecurityRpcXsrf.html , but I was wondering when and where is the value of the cookie (not the token) gets generated or set. I know that the token is generated by the XsrfTokenServiceServlet using the cookie value of the cookie name you use ( JSESSIONID for example ) but where/when is the cookie value set.
If somebody can explain the interaction sequence between the server and client , that would be much appreciated. -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
