File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes HTML, CSS and JavaScript and the fly likes What Are the Security Issues for a JavaScript Developer? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Engineering » HTML, CSS and JavaScript
Bookmark "What Are the Security Issues for a JavaScript Developer?" Watch "What Are the Security Issues for a JavaScript Developer?" New topic
Author

What Are the Security Issues for a JavaScript Developer?

Kaydell Leavitt
Ranch Hand

Joined: Nov 18, 2006
Posts: 688

I'm taking a course in JavaScript. What are the security issues with JavaScript development?
Tim Moores
Rancher

Joined: Sep 21, 2011
Posts: 2408
They're legion; start here: http://www.amazon.com/Ajax-Security-Billy-Hoffman/dp/0321491939
Kaydell Leavitt
Ranch Hand

Joined: Nov 18, 2006
Posts: 688

Tim Moores wrote:They're legion; start here: http://www.amazon.com/Ajax-Security-Billy-Hoffman/dp/0321491939


The book is about AJAX Security. Are there any other security issues with JavaScript that isn't AJAX?

Here is a website that says that security is so bad with JavaScript that JavaScript must die!
Elisabeth Robson
author
Ranch Hand

Joined: May 14, 2004
Posts: 173
    
    6
Three that pop to mind (aside from Ajax) to think about:

1) Linking to script libraries on other sites: make sure you trust the script you're using!
2) Using JSONP to load scripts into your page; just like (1), make sure you trust the web service you're using.
3) Using eval without checking what you're eval-ing.


Co-Author of Head First JavaScript Programming
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: What Are the Security Issues for a JavaScript Developer?
 
Similar Threads
Security issues in iPhone while accessing eCommerce websites
Security issues in Javascript
Include HTML as static resource
communicating between two web application
Modifing database object using javascript