AJAX security issues: What are the security issues with AJAX?


Ajax  - What are the security issues with AJAX? - Feb 27, 2010 at 22:40 pm by Shuchi Gauri

What are the security issues with AJAX?

The Ajax calls are sent in plain text format; this might lead to insecure database access. The data gets stored on the client's browser, thus making the data available to anyone. It also allows monitoring browsing sessions by inserting scripts.

What are the security issues with AJAX?

AJAX function calls are sent in plain text to the server. These calls may easily reveal database details, variable names, etc.

A user's browsing session can be monitored by maliciously inserting scripts.

Ajax may encourage developers to use multiple server-side pages, thereby introducing multiple entry points for attackers.

Ajax security issues posted on March 12, 2009 at 22:35 pm by Rajmeet Ghai.

Are there any security issues with AJAX?

  • JavaScript cannot access the local file system without the user's permission.
  • An AJAX interaction can only be made with the server-side component from which the page was loaded.
  • A proxy pattern could be used for AJAX interactions with external services.
  • The application model should not be exposed as some user might be able to reverse engineer the application.
  • HTTPS can be used to secure the connection when confidential information is being exchanged.
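
The rules in the list above (same-origin interaction, a proxy for external services, HTTPS for confidential data) can be enforced in one client-side helper. This is an added example, not part of the original answers; `planAjaxRequest`, `PROXY_PATH`, `ALLOWED_EXTERNAL_HOSTS` and the hostnames are hypothetical, and the host allow-list is an assumption added here.

```javascript
// Added example. PROXY_PATH and ALLOWED_EXTERNAL_HOSTS are hypothetical names.
const PROXY_PATH = "/ajax-proxy"; // assumed same-origin proxy endpoint
const ALLOWED_EXTERNAL_HOSTS = new Set(["api.example.net"]); // constructed sample value

// Same origin means scheme, host and port all match.
function sameOrigin(a, b) {
  return a.protocol === b.protocol && a.hostname === b.hostname && a.port === b.port;
}

// Decide how a page at pageUrl should reach targetUrl.
// Returns { url, viaProxy } or throws with the reason the request is refused.
function planAjaxRequest(pageUrl, targetUrl, opts = {}) {
  const page = new URL(pageUrl);
  const target = new URL(targetUrl, page); // relative targets resolve against the page

  if (target.protocol !== "http:" && target.protocol !== "https:") {
    throw new Error("refused: not an HTTP(S) target");
  }

  if (sameOrigin(page, target)) {
    // Direct call to the server the page was loaded from.
    if (opts.confidential && target.protocol !== "https:") {
      throw new Error("refused: confidential data requires HTTPS");
    }
    return { url: target.href, viaProxy: false };
  }

  // Cross-origin: route through the proxy on the page's own origin,
  // and only for external hosts that were explicitly approved.
  if (!ALLOWED_EXTERNAL_HOSTS.has(target.hostname)) {
    throw new Error("refused: external host not on the proxy allow-list");
  }
  if (opts.confidential &&
      (page.protocol !== "https:" || target.protocol !== "https:")) {
    throw new Error("refused: confidential data requires HTTPS on both hops");
  }
  const proxied = new URL(PROXY_PATH, page.origin);
  proxied.searchParams.set("target", target.href);
  return { url: proxied.href, viaProxy: true };
}
```

The proxy endpoint itself must repeat the allow-list check on the server, since a client-side check can be bypassed.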
