Hi, Thanks all for the comments / opinions. I agreed with Daniel and Jason that we shouldn't send any extra info. to client and protect from server side.
However, some of my clients are paranoid about the data is being exposed to users as clear text and they are able to forge the request to retrieve data from server. This is just one step more protection, but should be effective in prevent normal users from forging the request just by using plugin in firefox. GWT has already obfuscated the javascript source code when compiling, this is great. I was thinking maybe we can take one step further to encrypt the data (only for sensitive information rpc.) We will protect the data / request from server side, but to let clients able to rest assure, I am just trying to look out any way we can implement the encryption in GWT. I know it sounds ridiculous, but sometimes clients are ridiculuous. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~----------~----~----~----~------~----~------~--~---
