You may be interested in data signing not encryption. On Sat, May 30, 2009 at 5:09 AM, Deep Blue <[email protected]> wrote:
> > Hi, > > Thanks all for the comments / opinions. > I agreed with Daniel and Jason that we shouldn't send any extra info. > to client and protect from server side. > > However, some of my clients are paranoid about the data is being > exposed to users as clear text and they are able to forge the request > to retrieve data from server. > This is just one step more protection, but should be effective in > prevent normal users from forging the request just by using plugin in > firefox. > > GWT has already obfuscated the javascript source code when compiling, > this is great. > I was thinking maybe we can take one step further to encrypt the data > (only for sensitive information rpc.) > > We will protect the data / request from server side, but to let > clients able to rest assure, I am just trying to look out any way we > can implement the encryption in GWT. > I know it sounds ridiculous, but sometimes clients are ridiculuous. > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~----------~----~----~----~------~----~------~--~---
