I know we've been a little quiet lately about Google Web Toolkit (GWT) product development, but, don't worry, we're feverishly polishing up the codebase for GWT 1.4. We've checked in all the source code for the new features, and we'll produce a release candidate once we address all the Critical and High priority issues tagged as 1.4RC.
On the app development side of things, we're really excited to see a new application called QueWeb Customer Care, which is a Customer Relationship Management tool built with GWT; go ahead and play with a demo (you have to register, but it's free). They've done some fancy stuff and the app is still quite fast.
In other news, we'd like to give a warm welcome to Rajeev Dayal and Bob Vawter, two relatively new software engineers on the GWT team. Given logistics, Rajeev, Bob and Joel Webber weren't pictured previously, but we didn't want to leave them out of the fun:
Of course, if you just can't wait to get started, you can always download GWT 1.3. Or if you'd like to throw in a few bug fixes of your own, you can get started on Making GWT Better.
This year, the Google Web Toolkit is participating in the Google Summer of Code. We were absolutely amazed by the turnout. We received over 100 proposals in response to our request for ideas! We wish we could have accepted everyone, but we had to pick three.
Here are the students who will be working with the GWT team this summer, and their projects:
The competition was fierce -- we had a really tough time narrowing down the field to those three. Thanks to everyone who applied!
We hope you'll help us welcome Aleksey, Aleksandar, and Tomasz as they get started on their projects. They'll be basing their work on the current version of GWT, and we look forward to adding these exciting features to a future version.
Recently I've been working on some Google Web Toolkit (GWT) libraries that involve JSON and JSONP. While working on this project, I've been reminded just how tricky AJAX can be. It's no secret that there are a lot of people out there who spend huge portions of their lives thinking up ways to steal your data (or worse). Unfortunately, the same cool tricks that let you build AJAX sites and mashups also make it easy to build unsafe web applications. Some of the attacks evildoers have come up with are downright devious!
One of the key goals of GWT is to let developers focus on their users' needs, instead of on JavaScript and browser quirks. However, the consequences of a security exploit can be serious, so it's important that GWT developers understand how such attacks work, and how to prevent them.
To help get the word out, I've put together an article on my experiences. Eventually we'll merge its contents into the GWT Developer Documentation, but we thought that it was important to get this out to GWT developers rather than wait for the next documentation update.
You can find the article here: Security for GWT Applications. I hope you find it useful; if you do (or even if you don't), please feel free to let me know in the GWT Developer Forum!
