Published on 2006-02-07 19:54:00
Eric Pascarello, the co-author of Ajax in Action, has been interviewed by Colleen Frye at SearchWebServices.com. We already talked about the MySpace Worm in October, and Eric has answered many questions concerning this worm, the need for security in AJAX applications, server-side validation ...
Ajax is being lauded as a technology to deliver a richer user experience. But does the use of an XMLHttpRequest open up security vulnerabilities?
Eric Pascarello: When people look at Ajax they see this XMLHttpRequest object performing magic on a Web page and they think that this can lead to major security flaws. When we do a simple view source on the page, we see the page we are calling, the parameters that are being sent. Anyone with any basic knowledge of JavaScript can easily inject scripts onto the page and change the request object to send other data. So yes, it is open to attack, but it is not anything to be afraid of.
Member of the PHP Magazine Network, Copyright (C) 2005-2008 phpmagazine.net All Rights Reserved