Security implications of using AJAX in LDAP protected web application
posted 7 years ago
The following are my concerns when using AJAX in my LDAP protected web application:
1) Is it OK to use AJAX in LDAP protected web application?
2) Are there implications on the security of data when using AJAX?
3) How do I handle POST requests when using AJAX in protected web application?
4) What are the pros and cons of using AJAX in protected application?
Your answers to the above issues will be highly appreciated.
You need to protect all requests, not just AJAX ones. So everything you do for all your other pages applies to AJAX. Especially the parts about validating input request data (against hackers) and response data (against JSON injection.)