Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: JavaScript exploits via source code disclosure
From: "Jan G.B." <ro0ot.w00t () googlemail com>
Date: Thu, 6 May 2010 18:31:09 +0200

You may write a "proxy" that sits between your client and your
internal databroker which only allows some defined methods and params?
What else was the question?

Regards

2010/5/6, Ed Carp <erc () pobox com>:
Just for clarification, the business wants to put client-side
Javascript on a customer-facing web site, and it's my job to figure
out how to protect the back-end web services...sigh...

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault