Gizmox, the developer of Visual WebGui open source platform, announced a contest, sponsored by the Company, which will pay $10,000 to anyone who can hack into its Visual WebGui Platform. The Contest will take the shape of an investigation into...
Main > AJAX Security - Page 1 of 2
November 19, 2008
July 24, 2007
httpOnly Cookies have been added silently to Firefox 2.0.0.5, this will let you set cookies for html only and make it inaccessible from JavaScript using the document.cookie. An excellent security option to prevent against XSS, but still not available on...
June 26, 2007
Just few days before the official release of the famous iPhone, Safari 3.0.2 Beta released and seems to fix major rendering problems for windows platform but especially fixes a security bug which concerns XMLHttpRequest. Releasing Safari for windows was probably...
May 22, 2007
On September 12-13th, 2007 will be held the Secure Development World in Alexandria, VA, a conference dedicated to secure software development which tracks : Programming and Scripting Security, Attacking Secure Applications, Enterprise Application Defense, SDLC/Management/Developmental Process, and Secure Software Tips,...
April 13, 2007
Opera software released version 9.20 of its free desktop browser with some notable security changes including : a fix of character encoding inheritance issue with frames, an issue regarding handling of FTP PASV response, an issue where scripts could continue...
April 3, 2007
Dan Morrill, Google Developer Programs, posted a very good article on Security for GWT Applications. The article explores the different JavaScript vulnerabilities : Leaking Data, XSS, Forging Requests, JSON and XSRF; and how GWT developers can fight against these security...
Wallace pointed today to a an article on CNET news titled The feds weigh in on Windows security talking about the US Government suggestion setups for Windows XP and Windows Vista, a configuration that will prohibit AJAX application ! If...
April 2, 2007
Fortify Software released today a Web 2.0/AJAX Security whitepaper that affect almost all JavaScript Frameworks and libraries. Fortify experts analysed 12 popular AJAX Frameworks, including 4 server-integrated toolkits - Direct Web Remoting (DWR), Microsoft ASP.NET Ajax (a.k.a. Atlas), xajax and...
March 20, 2007
Kyle Beyer, author of ASP.NET Ajax login system, a solution to make client side calls to authentication and registration web services, made a challenge of $100 for anyone able to broke his library's security. ajax-login-system is open source under New...
March 12, 2007
You should know about the Digg button that you can add on your own website and looks very beautiful, but do you know that it opened an XSS exploit ? Well, it looks like there is no need at all...
AJAX Magazine's RSS
Twitter page
Facebook page