The Security Risks of AJAX/Web 2.0 Applications

Paul Ritchie

Paul Ritchie, The Security Risks of AJAX/Web 2.0 Applications, Network Security, 2007(3):4-8, March 2007.

Web 2.0 has become a generic phrase summing up everything that is hot and new about the Internet. However, underneath it lie some fundamental concepts, including the writeable web, increased audience participation, and a move away from traditional 'click and wait' web applications, in which input was delivered on a page-by-page basis. AJAX (asynchronous JavaScript and XML) is a programming mechanism that has enabled developers to deliver a better experience to web users. However, just as basic JavaScript validation mechanisms did before it, AJAX-based applications may be subject to abuse by intruders who can launch attacks designed to bypass login scripts, for example. Programmers and project managers must come to terms with the tension between a better user experience and the potential for security flaws. One way to resolve this tension is to use robust coding techniques to protect applications.
