Top 10 Ajax Security Holes Post

Topics

Tags

Favorite Links

Translate

Security Books

Archives

Recent entries...

Announcing SecTemplates.com release #4: Vulnerability Management Program Release Pack 1.0

Announcing SecTemplates.com release #3: Bug bounty program pack 1.0

Announcing SecTemplates.com release #2: External penetration testing program pack 1.0

Announcing SecTemplates.com and the incident response program pack 1.0

20 years of CGISecurity: What appsec looked like in the year 2000

My experience coleading purple team

oAuth nightmares talk

Extensive IOS hacking guide released by Security Innovation

Presentation: Problems you'll face when building a software security program

Google's intentions are good, but implementation leave MORE users vulnerable to hacking than before

Twitter

Sponsored Ads

Sponsored Ads

The Web Security Mailing List

« Article: Challenges faced by automated web application security assessment tools | Main | Web Application Security Professionals Survey Results »

Top 10 Ajax Security Holes Post

RSnake provides some much needed insight into the AJAX craze.

"However, I'd like to point out, as I have before that really users should not consider AJAX to be another security risk. It is the same old risk that we have always faced, except there is more client side code that can be circumvented now. The more logic you create on the browser for parsing and security the more you must insure that your backend also protects you at the same time, since all client side security can be circumvented in one way or another"

Also linked is an article discussing 10 Ajax Security 'issues' along with RSnake's perspective.

Article Link: http://ha.ckers.org/blog/20061113/top-10-ajax-security-holes-post/

Posted by Robert A. on 11/14/2006 in Buzzwords | Permalink | Reddit

Comments

You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!

Post a comment