7.8. Securing GWT-RPC against XSRF attacks

XSRF (or CSRF) is short for cross-site request forgery, and it’s an attack that could allow an attacker access to your web mail, your social networking account, or even your bank account. If you haven’t come across this term before, we suggest that you do some additional research, but let’s see if we can describe it briefly.

7.8.1. Understanding XSRF attacks

To help you better understand how an XSRF attack works, let’s examine a hypothetical situation. Pretend you’re a high-ranking executive for company X-Ray Alpha Delta, and you’re logged in to the top-secret extranet application doing some product research. Once you log in to the top-secret application, it keeps track of who you are by giving you ...
