[WEB SECURITY] "AJAX breathes new life into Web apps"

Garth Somerville gsomerville at covelight.com
Tue May 24 16:13:16 EDT 2005


Nathan Tobik wrote:

>I've read a bit about AJAX and it's a pretty cool technology.  What I'm
>wondering is what are the security implications of using this within web
>apps?
>  
>
One issue could be that it may not occur to developers that asynchronous 
requests made using xmlHttpRequest need to be validated on the server.

I can't argue with the impressive applications built using ajax 
technology (e.g. Google maps), but I do wonder how maintainable such 
applications will be.

-Garth


---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/



More information about the websecurity mailing list