
Securing Ajax Applications by Christopher Wells


Case Studies

What better way to discuss the security issues revolving around mashups than to show a couple of examples? To start, where can you find these mashups? I recommend a visit to John Musser's Programmable Web (http://www.programmableweb.com). Here you will find a giant directory of all Web 2.0-related mashups. The directory is sortable by popularity and API.

I chose a couple of mashups at random to see what security issues I would find. The following mashups were interesting to me at the time of writing:

Pageflakes.com

An up-and-coming web portal (start page) poised to dethrone NetVibes as the leading Web 2.0 start page on the Internet. Pageflakes recently lured Dan Cohen away from Yahoo!, making him CEO of Pageflakes. Cohen had been instrumental in the development of my.yahoo.com, so I thought it would be worth a look.

Public911.com

A web site that tracks live 911 call data on a Google map. This site had achieved mention in the press when the site's data provider (the Seattle Fire Department) reformatted its feed deliberately to break this site.

WeatherBonk.com

A weather mashup site. On Musser's Programmable Web, this is one of the most popular mashups, so I wanted to see what all the fuss was about.

HousingMaps.com

A little web site that mashes up rental and housing content from Craigslist.com with Google Maps.

The evolution of the start page, or home page, has taken us from Yahoo! and its set of popular web site links to the new Web 2.0 world of fully functioning ...
