Re: Security in gwt application.

Set the compiler style to PRETTY as it will be much easier to understand what is doing this if the code is not being obfuscated. 

However, what is the apparent issue with this code. It appears it appends the DOM and is looking at the current location of that page. As long as you use the SafeHtml functions and let GWT autoescape via element.setInnerText() rather than element.setInnerHTML(), you should be safe.

Sincerely,

Joseph

--
You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group.
To view this discussion on the web visit https://groups.google.com/d/msg/google-web-toolkit/-/a36SSbOQAlAJ.
To post to this group, send email to google-web-toolkit@googlegroups.com.
To unsubscribe from this group, send email to google-web-toolkit+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.