Top 10 Ajax Security Holes Post
RSnake provides some much needed insight into the AJAX craze.
"However, I'd like to point out, as I have before that really users should not consider AJAX to be another security risk. It is the same old risk that we have always faced, except there is more client side code that can be circumvented now. The more logic you create on the browser for parsing and security the more you must insure that your backend also protects you at the same time, since all client side security can be circumvented in one way or another"
Also linked is an article discussing 10 Ajax Security 'issues' along with RSnake's perspective.
Article Link: http://ha.ckers.org/blog/20061113/top-10-ajax-security-holes-post/
Comments
You can follow this conversation by subscribing to the comment feed for this post.
All Comments are Moderated and will be delayed!
Post a comment