This was posted to SecurityFocus.com yesterday.
Their article is eerily similar to my Ajax presentation from February
(particularly if you've seen me give the presentation), and even more
similar to the draft Ajax chapter I wrote shortly after for the OWASP
Guide (now posted to our Wiki - http://www.owasp.org/index.php/
Ajax_and_Other_%22Rich%22_Interface_Technologies). Hmmmm. As the
saying goes, this is the best form of flattery. I suppose.
If you haven't had a chance to read up on Ajax security, their
article is a start... as is my presentation (http://www.greebo.net/?
page_id=329) and the draft chapter in the OWASP Guide 3.0 current.
thanks,
Andrew
Begin forwarded message:
> Ajax security basics
> By Jaswinder S. Hayre, and Jayasankar Kelath
> 2006-06-19
>
> The purpose of this article is to introduce some of the security
> implications with modern Ajax web technologies. Though Ajax
> applications can be more difficult to test, security professionals
> already have most of relevant approaches and tools needed.
>
> http://www.securityfocus.com/infocus/1868
- application/pkcs7-signature attachment: smime_p7s
Received on Jun 20 2006
Intro
