December 1, 2006
AJAX Insecure? Expert says No Way.
Anonymous Reader writes "Jeremiah Grossman (CTO of WhiteHat Security) has published Myth-Busting an article dismissing the hyped-up claims that AJAX is insecure. He says: "The hype surrounding AJAX and security risks is hard to miss. Supposedly, this hot new technology responsible for compelling web-based applications like Gmail and Google Maps harbors a dark secret that opens the door to malicious hackers. Not exactly true." ... "Word on the cyber-street is that AJAX is the harbinger of larger attack surfaces, increased complexity, fake requests, denial of service, deadly cross-site scripting (XSS) , reliance on client-side security, and more. In reality, these issues existed well before AJAX. And, the recommended security best practices remain unchanged.""