Boeing will showcase its latest cross-domain transfer solutions -- which feature technology accredited at the highest level of protection in the United States for secure information sharing -- at the 2010 Unified Cross Domain Management Office (UCDMO) Conference, Aug....
Main > AJAX Security - Page 1 of 3
August 5, 2010
July 21, 2010
Facebook, among many others, was suffering recently from different kind of insecurities clickjacking, likejacking, or whatever you like to call it. Most of these bugs emerged after introducing new Ajax features to existing applications. An interesting example is the...
November 17, 2009
SRP-Hermetic, a JavaScript library which aims at providing a highly secure Ajax channel implementation (MIT license). Authentication is based on the SRP protocol, and messages can be signed using HMAC or fully encrypted using AES. An interesting implementation providing secure...
November 19, 2008
Gizmox, the developer of Visual WebGui open source platform, announced a contest, sponsored by the Company, which will pay $10,000 to anyone who can hack into its Visual WebGui Platform. The Contest will take the shape of an investigation into...
July 24, 2007
httpOnly Cookies have been added silently to Firefox 2.0.0.5, this will let you set cookies for html only and make it inaccessible from JavaScript using the document.cookie. An excellent security option to prevent against XSS, but still not available on...
June 26, 2007
Just few days before the official release of the famous iPhone, Safari 3.0.2 Beta released and seems to fix major rendering problems for windows platform but especially fixes a security bug which concerns XMLHttpRequest. Releasing Safari for windows was probably...
May 22, 2007
On September 12-13th, 2007 will be held the Secure Development World in Alexandria, VA, a conference dedicated to secure software development which tracks : Programming and Scripting Security, Attacking Secure Applications, Enterprise Application Defense, SDLC/Management/Developmental Process, and Secure Software Tips,...
April 13, 2007
Opera software released version 9.20 of its free desktop browser with some notable security changes including : a fix of character encoding inheritance issue with frames, an issue regarding handling of FTP PASV response, an issue where scripts could continue...
April 3, 2007
Dan Morrill, Google Developer Programs, posted a very good article on Security for GWT Applications. The article explores the different JavaScript vulnerabilities : Leaking Data, XSS, Forging Requests, JSON and XSRF; and how GWT developers can fight against these security...
Wallace pointed today to a an article on CNET news titled The feds weigh in on Windows security talking about the US Government suggestion setups for Windows XP and Windows Vista, a configuration that will prohibit AJAX application ! If...
AJAX Magazine's RSS
Twitter page
Facebook page
