AJAX and security
Posted Sep 8, 2006 22:34 UTC (Fri) by mrshiny
In reply to: AJAX and security
Parent article: AJAX and security
But frankly this is not a new phenomenon. There have been tons of sites in the past that have done things like generate SQL on the client, or store permissions in cookies, or other stupid things. Ajax changes nothing; saying that there are security issues with Ajax is misleading.
The article seems to imply (in its headline mainly) that Ajax has security problems, and conversely that not using Ajax is secure. This article would have been better conceived as an article about web programming, with only a single paragraph dedicated to Ajax in particular. The security risks are real; let's tell all web programmers about them, instead of scaring people away from Ajax, or giving non-Ajax users a false sense of security.
to post comments)