Slashdot Mirror

← Back to Stories (view on slashdot.org)

Is Your AJAX App Secure?

Posted by ryuzaki0 on Wednesday April 5, 2006 @02:13AM from the something-to-think-about dept.

ShaolinTiger writes "An article looking in detail at some of the security problems with AJAX, how to find them and how to approach them or fix them. Security with AJAX is of course an important consideration as it's asychronous and a malicious user could write data back to your database if implemented incorrectly."

1 of 142 comments (clear)

Min score:

Reason:

Sort:

Challenges of AJAX by cyberjessy · 2006-04-05 02:24 · Score: 3, Interesting

Security with AJAX is of course an important consideration as it's asychronous and a malicious user could write data back to your database if implemented incorrectly.

That statement is a little misleading, as security is not directly related to requests being asynchronous. I think what the poster meant is that being asynchronous, AJAX application make lots of calls to the back end. In a non-AJAX app, typically you fetch the data during the page load. In AJAX app, users request sections of the page to be refreshed, meaning a lot more finely grained methods to the backend are exposed.

non-AJAX:
LoadMainPage()
AJAX:
LoadTitles()
LoadSections()
LoadSummary()

--
Life is just a conviction.