DocumentCode
3571373
Title
Analyzing the Vulnerabilities in GWT Code and Applications
Author
Larson, Dave ; Jigang Liu ; Yanjun Zuo
Author_Institution
Metropolitan State Univ., St. Paul, MN, USA
fYear
2014
Firstpage
525
Lastpage
530
Abstract
The Google Web Toolkit (GWT) is a Java based toolkit for creating client-side Web applications by compiling Java code into Java Script. It also provides a mechanism for asynchronous calls to a Web server. This paper will examine GWT to discover APIs in GWT that may be vulnerable to Web application attacks, such as XSS and XSRF, and then analyze the vulnerabilities based on the cases provided in open source GWT code and applications. The data collected from the source code analysis will provide an indication of the extent of vulnerabilities in GWT and difficulties in securing GWT applications.
Keywords
Internet; Java; application program interfaces; file servers; public domain software; security of data; source code (software); API; Google Web Toolkit; Java based toolkit; Java code; Java script; Web application attacks; Web server; client-side Web applications; open source GWT code; source code analysis; vulnerability analysis; Browsers; Google; HTML; Java; Servers; Uniform resource locators; XML; GWT; Security; Vulnerabilities;
fLanguage
English
Publisher
ieee
Conference_Titel
Computing and Networking (CANDAR), 2014 Second International Symposium on
Type
conf
DOI
10.1109/CANDAR.2014.115
Filename
7052240
Link To Document