|
Full Disclosure
mailing list archives
Re: JavaScript exploits via source code disclosure
From: "Jan G.B." <ro0ot.w00t () googlemail com>
Date: Thu, 6 May 2010 18:31:09 +0200
You may write a "proxy" that sits between your client and your
internal databroker which only allows some defined methods and params?
What else was the question?
Regards
2010/5/6, Ed Carp <erc () pobox com>:
Just for clarification, the business wants to put client-side
Javascript on a customer-facing web site, and it's my job to figure
out how to protect the back-end web services...sigh...
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- Re: JavaScript exploits via source code disclosure, (continued)
Re: JavaScript exploits via source code disclosure Jan G.B. (May 06)
Re: JavaScript exploits via source code disclosure Elazar Broad (May 06)
Re: JavaScript exploits via source code disclosure Elazar Broad (May 06)
| 
