java

Security Threats Posed By Ajax

Filed in archive AJAX on June 12, 2006

Although rated as quite useful, AJAX introduces a new vulnerability into websites and user interactions. The problems are caused when downloaded JavaScript code is executed on the client. A number of security problems were caused due to Microsoft Visual Basic developer's use of ActiveX controls in web applications. This could cause intruders to substitute their own executables in the download and run them on unsuspecting user's PCs.

As per Fima Katz, CEO, Ajax integrated development environment supplier, the problem is with regard to careful design and not interactive technology. The client should be kept minimal along with restrictions on what JavaScript is allowed to do on it. In case the application is opened to the world then the business logic downloaded to the client should be kept to a minimum and business logic must be executed on the internet server as it can be easily protected against intrusion and code injection.

Related Entries:

« The Java FindBugs Project | Main | Free AJAX API Offered By ... »

Permalink: Security Threats Posed By Ajax

Tags: AJAX Security ajax security java posed+ajax threats+posed security+threats

Vote for Security Threats Posed By Ajax:

Currently 9.00/10
1
2
3
4
5
6
7
8
9
10

Rating: 9.00 out of 2 vote(s) cast.

Add your response to Security Threats Posed By Ajax:

Name: *

Email: (will never be shown)*

URL:

(* marked fields are required)

Notify me if more comments appear?

Subscribe to Java Entrepreneur newsletter? (Newsletters are sent out weekly).

Remember me

Security Code: *
(Please help us to sort out spam.)

Please enter your comment here: (Sorry, no HTML is allowed - URLs will be made clickable automatically if you add http:// to your URL.)

We welcome your comments, however all comments are moderated. Offensive or off-topic comments will be deleted and not displayed.

Share It

Tagcloud

All contents are protected by copyright. | Terms of Use | Privacy Policy | Contact Us