The module approach looks interesting. An alternative is to override the method
on the rpc servlet which handles this part. Then trap the error and return a
string of your choice.
The method will be the one which handles the deserialisation in the
RemoteServiceServlet. Possibly
Have you tried to add:
inherits name=com.google.gwt.user.RemoteServiceObfuscateTypeNames
to your module descriptor?
Am Donnerstag, 23. Juli 2015 07:22:29 UTC+2 schrieb Dave Y:
Hi,
My test team try to hack on the system, they found out that GWT-RPC call
returned a sensitive information
Hi,
My test team try to hack on the system, they found out that GWT-RPC call
returned a sensitive information (class name as highlighted in blue as
below) in response format //EX message. I'm amazed that I can't find any
postings on this issue.
HTTP Request (Request payload):
