Tuesday, October 31, 2017

GWT csrf protection

Gwt Documentation http://www.gwtproject.org/doc/latest/DevGuideSecurityRpcXsrf.html as well as GWT IN action https://manning-content.s3.amazonaws.com/download/d/07888ea-bada-44cc-9c55-ead15ea7fe85/GWT_sample-07.pdf recommend extending XsrfProtectedService on client side and XsrfProtectedServiceServlet on server side....

But both thse methods are still marked as "EXPERIMENTAL and subject to change. Do not use this in production code. "

What gives? is this a leftover - or are they now safe to use in production?

Thanks for your help in advance!

You received this message because you are subscribed to the Google Groups "GWT Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-web-toolkit+unsubscribe@googlegroups.com.
To post to this group, send email to google-web-toolkit@googlegroups.com.
Visit this group at https://groups.google.com/group/google-web-toolkit.
For more options, visit https://groups.google.com/d/optout.

No comments:

Post a Comment