我有RPC调用从数据库中获取一些值,我使用GWT,在哪里使用RPC调用,相同的代码适用于IE,但相同的代码不适用于Firefox。这没有意义。
2011-07-28 15:27:47.657:WARN:/:Exception while dispatching incoming RPC call
java.lang.SecurityException: Blocked request without GWT permutation header (XSRF attack?)
at com.google.gwt.user.server.rpc.RemoteServiceServlet.checkPermutationStrongName(RemoteServiceServlet.java:272)
at com.google.gwt.user.server.rpc.RemoteServiceServlet.processCall(RemoteServiceServlet.java:203)
at com.google.gwt.user.server.rpc.RemoteServiceServlet.processPost(RemoteServiceServlet.java:248)
at com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost(AbstractRemoteServiceServlet.java:62)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
答案 0 :(得分:3)
在GWT 2.3中添加了跨站点请求伪造,我假设您已经查看http://code.google.com/webtoolkit/doc/latest/DevGuideSecurityRpcXsrf.html并进行了必要的更改?