GeeCON Prague 2014*
The moose likes XML and Related Technologies and the fly likes Cross-site scripting attacks Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Engineering » XML and Related Technologies
Bookmark "Cross-site scripting attacks" Watch "Cross-site scripting attacks" New topic
Author

Cross-site scripting attacks

Rajan Chinna
Ranch Hand

Joined: Jul 01, 2004
Posts: 320
Since Ajax approach leads to implementing code in javascript, How vulnerable it is for Cross-site scripting attacks?
Eric Pascarello
author
Rancher

Joined: Nov 08, 2001
Posts: 15376
    
    6
The XHR request object can not talk accross domains, a normal link or a forum submission is more viscious in where it can talk too.

Now if you are looking at the Yahoo worm or the myspace worm that used Ajax, read this posting on my blog: http://radio.javaranch.com/pascarello/2006/06/13/1150210232222.html

Eric
Rajan Chinna
Ranch Hand

Joined: Jul 01, 2004
Posts: 320
Mr.Eric
Thanks for the link, I was highly impressed about the depth of knowledge you possess I read your interview it was great.
I bookmarked your blog, hope you will add more interesting info for techie's quite frequently.
And also thanks for taking time and answering questions. Keep up the good job.
 
GeeCON Prague 2014
 
subject: Cross-site scripting attacks