Google Git
Sign in
gwt / gwt / d816d76ac001f323a717af896bf8d4c861eead24
commitd816d76ac001f323a717af896bf8d4c861eead24[log] [tgz]
authormeder@google.com <meder@google.com@8db76d5a-ed1c-0410-87a9-c151d255dfc7>Mon Feb 07 00:09:46 2011 +0000
committermeder@google.com <meder@google.com@8db76d5a-ed1c-0410-87a9-c151d255dfc7>Mon Feb 07 00:09:46 2011 +0000
tree8fb56298779f51f3614a34bd5d56a685caf02a65
parentdf8fb0022079d6fe1c44e372b8f42814acc18e01 [diff]
This change adds couple of things:
- abstract class which calls abstract XSRF token validation method based on
annotations (@XsrfProtect, @NoXsrfProtect).
- GWT RPC XSRF protection based on the above class, which derives XSRF token
from session cookie by computing MD5 over the cookie's value. Token can be
obtained from XsrfTokenService and must be set on client RPC endpoint via
HasRpcToken interface.


git-svn-id: https://google-web-toolkit.googlecode.com/svn/trunk@9677 8db76d5a-ed1c-0410-87a9-c151d255dfc7
25 files changed
tree: 8fb56298779f51f3614a34bd5d56a685caf02a65
  1. build-tools/
  2. dev/
  3. dev-ext/
  4. distro-source/
  5. doc/
  6. eclipse/
  7. jni/
  8. plugins/
  9. reference/
  10. samples/
  11. servlet/
  12. tools/
  13. user/
  14. build.xml
  15. common.ant.xml
  16. platforms.ant.xml