summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorArtur Signell <artur.signell@itmill.com>2010-06-01 16:20:46 +0000
committerArtur Signell <artur.signell@itmill.com>2010-06-01 16:20:46 +0000
commit137fd6a08117532a85e0fe6df888c99b3cd496bf (patch)
treedcf8a68f1bf58b81ab8a080ca0a4a6db8f92bb43 /src
parentf768fe1c8fd7314d5dc66a84fbb16b5e9fad0244 (diff)
downloadvaadin-framework-137fd6a08117532a85e0fe6df888c99b3cd496bf.tar.gz
vaadin-framework-137fd6a08117532a85e0fe6df888c99b3cd496bf.zip
Use UUID instead of Math.random() for stronger security key
svn changeset:13482/svn branch:6.4
Diffstat (limited to 'src')
-rw-r--r--src/com/vaadin/terminal/gwt/server/AbstractCommunicationManager.java3
1 files changed, 2 insertions, 1 deletions
diff --git a/src/com/vaadin/terminal/gwt/server/AbstractCommunicationManager.java b/src/com/vaadin/terminal/gwt/server/AbstractCommunicationManager.java
index 55f9d13fea..d8664e216c 100644
--- a/src/com/vaadin/terminal/gwt/server/AbstractCommunicationManager.java
+++ b/src/com/vaadin/terminal/gwt/server/AbstractCommunicationManager.java
@@ -34,6 +34,7 @@ import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
+import java.util.UUID;
import javax.portlet.PortletRequest;
import javax.portlet.PortletResponse;
@@ -672,7 +673,7 @@ public abstract class AbstractCommunicationManager implements
String seckey = (String) request.getSession().getAttribute(
ApplicationConnection.UIDL_SECURITY_TOKEN_ID);
if (seckey == null) {
- seckey = "" + (int) (Math.random() * 1000000);
+ seckey = UUID.randomUUID().toString();
request.getSession().setAttribute(
ApplicationConnection.UIDL_SECURITY_TOKEN_ID, seckey);
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-04 18:36:59 +0000