O'Reilly logo

Ajax Security by Bryan Sullivan, Billy Hoffman

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

14Testing Ajax Applications

Myth: Ajax applications can be tested in the same way as traditional Web applications.

Throughout this book, we have referred to three main challenges for implementing secure Ajax applications. Ajax sites are more difficult to secure because they have increased complexity, increased attack surface, and increased transparency when compared to traditional Web applications. Of these three, the increased transparency is probably the most significant and most dangerous. When application logic is pushed to the client tier, as it is in Ajax sites, it becomes much easier for attackers to reverse engineer the application and probe it for weaknesses.

It is something of a paradox, then, that while Ajax applications are more transparent ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required