GWT HTML widget security risks

Posted by h2g2java on Stack Overflow See other posts from Stack Overflow or by h2g2java
Published on 2010-03-15T07:57:00Z Indexed on 2010/03/15 7:59 UTC
Read the original article Hit count: 260

Filed under:
|
|

In GWT javadoc, we are advised

If you only need a simple label (text, but not HTML), then the Label widget is more appropriate, as it disallows the use of HTML, which can lead to potential security issues if not used properly.

I would like to be educated/reminded about the security susceptibilities? It would be nice to list the description of the mechanisms of those risks.

Are the susceptibilities equally potent on GAE vs Amazon vs my home linux server?
Are they equally potent across the browser brands?

Thank you.

© Stack Overflow or respective owner

Related posts about gwt

Related posts about html-widget