Philippines Telecoms 4G Web 2.0 Shortcode SMS MMS WAP Mobile Technology: AJAX and the basics of web security

Wednesday, February 22, 2006

AJAX and the basics of web security

Web applications is booming again since the rapid adaptation of AJAX, but let us not forget the basic security measures we have to put in place. If we rely too much on javascript validation to make a "sane" XMLHttpRequest request then we have to rework it since any decent hacker can create a custom browser that allows arbitrary calls to any exposed AJAX methods.

Check out the Open Web Application Security Project's top ten list of security flaws: http://www.owasp.org/documentation/topten.html

0 comments:

Post a Comment

About This Blog

This blog aims to profile, test, analyze, and help in development of technologies, services, business models, platforms, and applications for the Philippine context.

We hope to contribute define and influence the future of Philippine mobile industry by sharing and receiving feedbacks from the consumers; bridging them with developers and decision makers who will ultimately develop concepts and models for Philippine's Mobile 2.0

We also tackles a lot about Web 2.0 technologies, system designs, politics, open source and news that relates on our experiences with software engineering and development in mobile.

Finally we take occasional breaks by sharing personal posts that we hope shows the lighter side of people that works in the mobile industry.

Disclosure

This blog is a personal blog written and edited by me. For questions about this blog, please contact Roger Filomeno (rpfilomeno At Gmail Dot com).

This blog accepts forms of cash advertising, sponsorship, paid insertions or other forms of compensation.

The compensation received will never influence the content, topics or posts made in this blog. All advertising is in the form of advertisements generated by a third party ad network. Those advertisements will be identified as paid advertisements.

The owner(s) of this blog is compensated to provide opinion on products, services, websites and various other topics. Even though the owner(s) of this blog receives compensation for our posts or advertisements, we always give our honest opinions, findings, beliefs, or experiences on those topics or products. The views and opinions expressed on this blog are purely the bloggers' own. Any product claim, statistic, quote or other representation about a product or service should be verified with the manufacturer, provider or party in question.

This blog does contain content which might present a conflict of interest. This content may not always be identified.

View this blog on mobile!

http://tinyurl.com/corruptedpart

Philippines Telecoms 4G Web 2.0 Shortcode SMS MMS WAP Mobile Technology

Wednesday, February 22, 2006

AJAX and the basics of web security

0 comments:

Related Links

Blog Archive

My Blog List

Do you follow me?

My Projects

My Groups

About Me

About This Blog

Meta