Google Git
Sign in
gwt / gwt / 5a449bcfa167d92fa2b9e79c8b9499b0114ec486
commit5a449bcfa167d92fa2b9e79c8b9499b0114ec486[log] [tgz]
authormeder@google.com <meder@google.com@8db76d5a-ed1c-0410-87a9-c151d255dfc7>Sun Jan 30 23:10:56 2011 +0000
committermeder@google.com <meder@google.com@8db76d5a-ed1c-0410-87a9-c151d255dfc7>Sun Jan 30 23:10:56 2011 +0000
treeda2f1c0af6be912c37b88021ac57c5e8700a554e
parentc967804bdcdbd5454b11e85ece5e1f4a8d1877d9 [diff]
Rolling back, need to figure out why XsrfToken is excluded by type filter.

This change adds couple of things:
- abstract class which calls abstract XSRF token validation method based on
annotations (@XsrfProtect, @NoXsrfProtect).
- GWT RPC XSRF protection based on the above class, which derives XSRF token
from session cookie by computing MD5 over the cookie's value. Token can be
obtained from XsrfTokenService and must be set on client RPC endpoint via
HasRpcToken interface.


Review at http://gwt-code-reviews.appspot.com/1251801

Review by: jat@google.com

git-svn-id: https://google-web-toolkit.googlecode.com/svn/trunk@9658 8db76d5a-ed1c-0410-87a9-c151d255dfc7
25 files changed
tree: da2f1c0af6be912c37b88021ac57c5e8700a554e
  1. build-tools/
  2. dev/
  3. dev-ext/
  4. distro-source/
  5. doc/
  6. eclipse/
  7. jni/
  8. plugins/
  9. reference/
  10. samples/
  11. servlet/
  12. tools/
  13. user/
  14. build.xml
  15. common.ant.xml
  16. platforms.ant.xml