Re: rpc serialization without the rpc

How do you plan to get the payload of any GWT-RPC request to the server when using HTTP GET? Using URL parameters can be pretty unsafe because every GWT-RPC payload should contain your app's security token / session id to prevent CSRF attacks.

-- J.

--
You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group.
To view this discussion on the web visit https://groups.google.com/d/msg/google-web-toolkit/-/fpt8xvV300IJ.
To post to this group, send email to google-web-toolkit@googlegroups.com.
To unsubscribe from this group, send email to google-web-toolkit+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.