Hi:
I'm reading about XSS attacks and GWT unsafe code.
I've got a method ( client side)
public void print(String message)
{
widget.setHTML(message)
}
And this method is invoked by others methods (client side) on this way:
this.print("<br>This is an error</br>");
this.print("<br>This is another error</br>");
....
Where is the unsafe code ? How is it possible to inject malicious code ?
Thanks and regards
You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group.
To view this discussion on the web visit https://groups.google.com/d/msg/google-web-toolkit/-/2sZfZ7LnnPgJ.
To post to this group, send email to google-web-toolkit@googlegroups.com.
To unsubscribe from this group, send email to google-web-toolkit+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
No comments:
Post a Comment