« The Return of AJAX? | Main | Ajax.NET Slides and podcast »

AJAX : the evil side ?

Earle Castledine have posted an article on DevX titled Using the XMLHttpRequest Object and AJAX to Spy On You, showing the evil side of AJAX applications. The example he provided is convincing which is the use of eval to load and run another javascript.

But I'm wondering why this manipulation, if a javascript is malicious it is !! and it could be loaded without need of AJAX, and its called a Javascript Bug. But what I'll say is that there is probably bugs with javascript implementations, there is also bugs with server side programming languages, but security issues are always related to programmer's code

A programmer can make his code secure using common protections depending on the programming language he's using. The question now is which website can we trust !! And the answer there is many ways to trust a website : use of certificate, privacy policy ..., otherwise there is even CSS exploit that could be used to spy on users.

Posted by Hatem on August 15, 2005 10:38 AM to General |

Bookmark this article at these sites
Post a comment





(Email will remain hidden)





Please enter the security code you see here




Related entries
Email to a friend
Email this article to:


Your email address:


Message (optional):