问题描述
如何查看Google Web Toolkits(GWT)RPC调用的数据格式以及IsSerializable对象如何传输。我知道Java Serializable传输某种二进制格式,但GWT也是如此吗? (因为我不认为它与JavaScript兼容,或者至少需要额外的解析)。
如何查看Google Web Toolkits(GWT)RPC调用的数据格式以及IsSerializable对象如何传输。我知道Java Serializable传输某种二进制格式,但GWT也是如此吗? (因为我不认为它与JavaScript兼容,或者至少需要额外的解析)。
编辑: Brian Slesinsky刚刚记录了协议(通过反编译代码):
显然,它不是二进制的,正如你怀疑的那样,而是文本基。服务器到客户端基于JSON(使用 // OK
或 // EX
前缀来判断请求是成功还是失败)。两者都使用可序列化类的常见知识来序列化/反序列化;例如,双方都知道类X有两个字段,即一个整数和一个字符串,按顺序序列化,因此它们都写/读一个整数,然后是一个字符串,而不需要以编码格式指定它是哪个字段关于。
$ b
GWT-RPC协议版本化(它随着新GWT版本的发布而定期更新),并使用类和序列化字段名称的哈希来确保客户端和服务器都使用相同版本的类(这意味着每次更改可序列化类时都必须重新编译和重新部署客户端代码)。
最好的文档是代码,但您可以在这些幻灯片中找到请求格式的概述:
RequestFactory与GWT-RPC相反,使用对称的基于JSON的协议(基于AutoBean的JSON序列化)其中客户端和服务器可以进行通信,即使没有从相同的代码进行编译(当然,取决于您在版本间做出的更改),因为它们传递了类名和属性名。
How does the data format for Google Web Toolkits (GWT) RPC calls look and how are IsSerializable objects transmitted. I know that Java Serializable transmits some kind of binary format, but is this the case with GWT too? (Since I don't expect it to be compatible with JavaScript, or at least require some additional parsing).
EDIT: Brian Slesinsky just documented the protocol (by reverse-engineering the code): https://docs.google.com/document/d/1eG0YocsYYbNAtivkLtcaiEE5IOF5u4LUol8-LL0TIKU/edit
First, GWT-RPC protocol is asymmetric so that it's always optimized for the client-side: fast to deserialize something coming from the server, and fast to serialize something to send to it.
It's obviously not binary, as you suspected, but text-based. client-to-server protocol is pipe-delimited while server-to-client is based on JSON (with a //OK
or //EX
prefix to tell whether the request succeeded or failed). Both use the common knowledge of the serializable classes to serialize/deserialize; for instance, both sides know that class X has two fields, an integer and a String, serialized in that order, so they both write/read an integer, and then a String, with no need to specify in the encoded format which field it's about.
GWT-RPC protocol is versionned (it changes regularly as new GWT versions are released), and uses hashes of the class and serializable fields' names to ensure the client and server both use the same versions of the classes (which means you have to recompile and redeploy your client code each time you change a serializable class).
The best documentation is the code, but you'll find an overview of the request format in these slides: https://www.owasp.org/images/7/77/Attacking_Google_Web_Toolkit.ppt
RequestFactory, contrary to GWT-RPC, uses a symmetric JSON-based protocol (based on AutoBean's JSON serialization) where client and server can communicate even when not compiled from the same code (well, depending on the changes you made between versions, of course), because they pass around class and property names.
这篇关于GWT RPC数据格式的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!