• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Cross-site scripting attacks

 
Rajan Chinna
Ranch Hand
Posts: 320
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Since Ajax approach leads to implementing code in javascript, How vulnerable it is for Cross-site scripting attacks?
 
Eric Pascarello
author
Rancher
Posts: 15385
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The XHR request object can not talk accross domains, a normal link or a forum submission is more viscious in where it can talk too.

Now if you are looking at the Yahoo worm or the myspace worm that used Ajax, read this posting on my blog: http://radio.javaranch.com/pascarello/2006/06/13/1150210232222.html

Eric
 
Rajan Chinna
Ranch Hand
Posts: 320
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Mr.Eric
Thanks for the link, I was highly impressed about the depth of knowledge you possess I read your interview it was great.
I bookmarked your blog, hope you will add more interesting info for techie's quite frequently.
And also thanks for taking time and answering questions. Keep up the good job.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic