Tuesday, February 7th, 2006

Eric Pascarello Interviewed about Ajax Security

Category: Ajax, Security, XmlHttpRequest

On SearchWebServices.com, there’s an interview with Eric Pascarello, co-author of the book “Ajax in Action”, concerning some of the security issues that surround Ajax and how to address them.

In this interview he talks about Ajax security issues, the need for server-side validation and the Ajax worm released last October on MySpace.com.

They start at the heart of the matter, asking Eric if, just by its use, Ajax makes a site more prone to security issues. They touch on the importance of validation, whether or not Ajax causes any new types of threats to arise, and the troubles that allowing cross-domain Ajax requests could cause.

This final point includes comments about the “Samy” worm and some of Eric’s “Rules of Thumb” for keeping things nice and secure with your Ajax applications.

Posted by Chris Cornutt at 4:16 pm

1 Comment »


I think that by nature when a new technology comes out there are a large amount of users who have to slap it up on their site without thinking through what they want to accomplish with it. AJAX, just like a lot of other techniques, should be used wisely, and WHENEVER you are planning on having interactions with databases and whatnot you have to expect that someone is going to try and mess with that process.

Comment by Brian — February 7, 2006
