Title :
Analyzing the Vulnerabilities in GWT Code and Applications
Author :
Larson, Dave ; Jigang Liu ; Yanjun Zuo
Author_Institution :
Metropolitan State Univ., St. Paul, MN, USA
Abstract :
The Google Web Toolkit (GWT) is a Java based toolkit for creating client-side Web applications by compiling Java code into Java Script. It also provides a mechanism for asynchronous calls to a Web server. This paper will examine GWT to discover APIs in GWT that may be vulnerable to Web application attacks, such as XSS and XSRF, and then analyze the vulnerabilities based on the cases provided in open source GWT code and applications. The data collected from the source code analysis will provide an indication of the extent of vulnerabilities in GWT and difficulties in securing GWT applications.
Keywords :
Internet; Java; application program interfaces; file servers; public domain software; security of data; source code (software); API; Google Web Toolkit; Java based toolkit; Java code; Java script; Web application attacks; Web server; client-side Web applications; open source GWT code; source code analysis; vulnerability analysis; Browsers; Google; HTML; Java; Servers; Uniform resource locators; XML; GWT; Security; Vulnerabilities;
Conference_Titel :
Computing and Networking (CANDAR), 2014 Second International Symposium on
DOI :
10.1109/CANDAR.2014.115
