[WEB SECURITY] "AJAX breathes new life into Web apps"

Nathan Tobik nathan.tobik at vigilantminds.com
Tue May 24 15:32:32 EDT 2005

I've read a bit about AJAX and it's a pretty cool technology.  What I'm
wondering is what are the security implications of using this within web

Specifically I am thinking that since the pages use JavaScript what
could happen if a user were to use something like GreaseMonkey
(http://greasemonkey.mozdev.org/) in Firefox or something similar.  Does
Ajax open a server up to client side attacks with Javascript? 

OTOH is anyone using AJAX to enhance the security of their web apps?

Nate Tobik
(412)661-5700 x206

Subject: [WEB SECURITY] "AJAX breathes new life into Web apps"

An intro to AJAX article got posted to slashdot today


AJAX is the newly minted acronym encompassing a fresh vision of
empowered browsers: Asynchronous JavaScript and XML. Before AJAX, Web
pages displayed links, forms, and buttons. When a user clicked on a link
or a button, the browser sent a message to a distant server asking what
to display next. JavaScript would typically be used for nothing more
than to check form inputs. Web pages were as static as pages in a book.
" - Infoworld


The Web Security Mailing List

The Web Security Mailing List Archives

More information about the websecurity mailing list