Hi ,
I am trying to add XSRF protection to my app using the newly
introduced method in 2.3
http://code.google.com/webtoolkit/doc/latest/DevGuideSecurityRpcXsrf.html
, but I was wondering when and where is the value of the cookie (not
the token) gets generated or set. I know that the token is
What would happen in the case of a load balancer and rpc requests
switching from one server to another from the same client , is sticky
sessions required ?
On Jul 6, 4:32 pm, David Chandler drfibona...@google.com wrote:
Hi Joey,
The XSRF token is stateless so you only need to call the
Thanks shawn for the feedback. I know that there are files like the
*.cache.* files produced by the compiler with hash values that are
unique for every build. So we can cache them for a long time using
http server (apache in my case ) by setting the cache-control header
for a max age for a year
I am working on optimizing my gwt app performance and I was looking at
caching among other things. But I noticed that there are only a few
posts that address the best practice of caching for GWT apps. (e.g.
etags , mod_expires)
I wanted to start a discussion on the matter and I would appreciate
