This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes HTML, CSS and JavaScript and the fly likes What Are the Security Issues for a JavaScript Developer? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Engineering » HTML, CSS and JavaScript
Bookmark "What Are the Security Issues for a JavaScript Developer?" Watch "What Are the Security Issues for a JavaScript Developer?" New topic
Author

What Are the Security Issues for a JavaScript Developer?

Kaydell Leavitt
Ranch Hand

Joined: Nov 18, 2006
Posts: 688

I'm taking a course in JavaScript. What are the security issues with JavaScript development?
Tim Moores
Rancher

Joined: Sep 21, 2011
Posts: 2408
They're legion; start here: http://www.amazon.com/Ajax-Security-Billy-Hoffman/dp/0321491939
Kaydell Leavitt
Ranch Hand

Joined: Nov 18, 2006
Posts: 688

Tim Moores wrote:They're legion; start here: http://www.amazon.com/Ajax-Security-Billy-Hoffman/dp/0321491939


The book is about AJAX Security. Are there any other security issues with JavaScript that isn't AJAX?

Here is a website that says that security is so bad with JavaScript that JavaScript must die!
Elisabeth Robson
author
Ranch Hand

Joined: May 14, 2004
Posts: 173
    
    6
Three that pop to mind (aside from Ajax) to think about:

1) Linking to script libraries on other sites: make sure you trust the script you're using!
2) Using JSONP to load scripts into your page; just like (1), make sure you trust the web service you're using.
3) Using eval without checking what you're eval-ing.


Co-Author of Head First JavaScript Programming
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: What Are the Security Issues for a JavaScript Developer?
 
Similar Threads
Security issues in iPhone while accessing eCommerce websites
Include HTML as static resource
Modifing database object using javascript
Security issues in Javascript
communicating between two web application