There is the GWT RPC XSRF protection<http://code.google.com/webtoolkit/doc/latest/DevGuideSecurityRpcXsrf.html> to make GWT apps more secure. I know that RequestFactory isn't using "GWT RPC" although RF is using JSON to communicate with the backend just like GWT RPC does.
So does RF has a built-in XSRF protection or do I have to use a server-side token to prevent any unauthorized requests to the database? -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To view this discussion on the web visit https://groups.google.com/d/msg/google-web-toolkit/-/cDwv5wAK4ZcJ. To post to this group, send email to google-web-toolkit@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.