Thursday, January 16, 2014

Is there any risk of a hacker intercepting the session data that is downloaded into the client website in GWT?


OK, here is my scenario. I manage the session at the server side; see the following code:

    HttpSession session = requestProvider.get().getSession();
    String userMeaningID = (String) (session.getAttribute("userMeaningID"));

Then I bring the userMeaningID into the client website; this code is at the client:

    private AsyncCall<PostSignUpResult> postSessionCallback = new AsyncCall<PostSignUpResult>() {
        @Override
        public void onCustomSuccess(PostSignUpResult result) {
            String userMeaningID = result.getUserMeaningID();
            if (userMeaningID != null && isNumber(userMeaningID)) {
                // user can manipulate info here
            }
        }
    };

So my question is: is there any risk that a hacker somehow passes a fake userMeaningID into result, so that result.getUserMeaningID() will return the fake ID and thus they can play with the data on the client? This is not too big a problem, because even if they mess up the data and send it to the server, at the server side I double-check the data again to make sure it is valid.

Although all data will be checked at the server side before being inserted into the DB, I still want to know:

Is there any risk of a hacker intercepting the session data that is downloaded into the client website in GWT?

If there is a risk then how can we deal with it?

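The server-side double check the post mentions, as an added example that is not part of the original post: the server takes the ID from its own HttpSession and treats any copy sent back by the browser as untrusted. The names SessionIdentityGuard, resolveUserId, NotAuthorizedException and this isNumber are hypothetical, and the servlet API (javax.servlet) is assumed to be on the classpath.

```java
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

/** Added example (hypothetical class): decides which user ID the server acts on. */
public final class SessionIdentityGuard {

    /** Session attribute name used in the post. */
    private static final String ATTR = "userMeaningID";

    /** Thrown when a request cannot be tied to a valid server-side session. */
    public static final class NotAuthorizedException extends Exception {
        public NotAuthorizedException(String msg) { super(msg); }
    }

    /**
     * @param clientSuppliedId the ID the browser sent back, or null if it sent none
     * @return the ID stored in the server-side session, never the client copy
     */
    public static String resolveUserId(HttpServletRequest request, String clientSuppliedId)
            throws NotAuthorizedException {
        // getSession(false): do not create a new session for a caller that has none.
        HttpSession session = request.getSession(false);
        if (session == null) {
            throw new NotAuthorizedException("no session");
        }
        Object attr = session.getAttribute(ATTR);
        if (!(attr instanceof String) || !isNumber((String) attr)) {
            throw new NotAuthorizedException("session has no valid " + ATTR);
        }
        String sessionUserId = (String) attr;
        // The copy held by the client is display data only. If it comes back
        // and differs from the session value, reject the request.
        if (clientSuppliedId != null && !sessionUserId.equals(clientSuppliedId)) {
            throw new NotAuthorizedException(ATTR + " does not match session");
        }
        return sessionUserId;
    }

    /** Assumed equivalent of the post's client-side isNumber: ASCII digits only. */
    static boolean isNumber(String s) {
        if (s == null || s.isEmpty() || s.length() > 18) return false;
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            if (c < '0' || c > '9') return false;
        }
        return true;
    }
}
```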