August 16, 2006 - 09:01 UTC - Tags: AJAX security
There has been a lot of writing on the web lately about Ajax being a major security concern for web applications. But are these concerns really justified? I just read a great article about this on "A Port80 Software Blog": Fear, Uncertainty and Doubt in Web 2.0
If the developers have bad security practices, Ajax certainly won't help build a more secure application. But by thinking the same way about Ajax, as say Web services, there is certainly ways to build secure Ajax applications. Ajax functions should of course be under that same security regime as the rest of the web application, which means password protection, input validation and output escaping.
Comments closed for this post
If the developers have bad security practices, Ajax certainly won't help build a more secure application. But by thinking the same way about Ajax, as say Web services, there is certainly ways to build secure Ajax applications. Ajax functions should of course be under that same security regime as the rest of the web application, which means password protection, input validation and output escaping.
About Erlend
Security guy with some thoughts on secure development.
Tag cloud
Categories
Blogroll
