Dark mode switch icon Light mode switch icon

Ajax Security Basics

2 min read

AJAX security is no different than normal web application security, except that it can add lots of complexity to a site and make black-box auditing much more difficult.

-----Original Message-----
From: Andrew van der Stock [mailto:vanderaj@greebo.net]
Sent: Tuesday, June 20, 2006 4:43 AM
To: Webappsec ((((E-mail))))
Subject: Fwd: SF new article announcement: Ajax security basics

This was posted to SecurityFocus.com yesterday.

Their article is eerily similar to my Ajax presentation from February
(particularly if you’ve seen me give the presentation), and even more
similar to the draft Ajax chapter I wrote shortly after for the OWASP
Guide (now posted to our Wiki - https://www.owasp.org/index.php/
Ajax_and_Other_%22Rich%22_Interface_Technologies). Hmmmm. As the saying
goes, this is the best form of flattery. I suppose.

If you haven’t had a chance to read up on Ajax security, their article
is a start… as is my presentation (https://www.greebo.net/?
page_id=329) and the draft chapter in the OWASP Guide 3.0 current.

thanks,
Andrew

Begin forwarded message:

> > Ajax security basics
> > By Jaswinder S. Hayre, and Jayasankar Kelath
> > 2006-06-19
> >
> > The purpose of this article is to introduce some of the security
> > implications with modern Ajax web technologies. Though Ajax
> > applications can be more difficult to test, security professionals
> > already have most of relevant approaches and tools needed.
> >
> > https://www.securityfocus.com/infocus/1868

Originally published on by Jason Axley

Tagged as: