Interesting article on AJAX Security flaws, sighted by Joe On .NET, but some reason its no longer showing on his site(?)
http://www.eweek.com/article2/0,1895,2110554,00.asp
"…. called JavaScript Hijacking—can be found in the biggest AJAX frameworks out there, including three server-integrated toolkits: Microsoft ASP.Net AJAX (aka Atlas), Google Web Toolkit and xajax—the last of which is an open-source PHP-class library implementation of AJAX…."
One line synopsis:
Basically don’t use in built AJAX when sensitive data is being passed, but it is fine on public sites.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment