Mailinglist Archive

Myth-Busting AJAX (In)security
Thursday - November 11, 2006 | WhiteHat Security publication

The hype surrounding AJAX and security risks is hard to miss.
Supposedly, this hot new technology responsible for compelling web-based
applications like Gmail and Google Maps harbors a dark secret that opens
the door to malicious hackers. Not exactly true. Even the most
experienced Web application developers and security experts have a
difficult time cutting through the buzzword banter to find the facts.
And, the fact is most websites are insecure, but AJAX is not the
culprit. Although AJAX does not make websites any less secure, it’s
important to understand what does.

http://www.whitehatsec.com/home/resources/articles/files/myth_busting_ajax_insecurity.html