Just recently, Judith Myerson of IBM wrote about the tools that could be used for advancing the security of the Ajax based application. We all know that Ajax is a really nice web development technique but it comes with a security flaw that could be exploited by hackers at anytime. Here are the tools recommended by Myerson so that you can easily ... Read Article

When browsers when conceptualized, the though of applications running through the browser was expected. However, what was not expected was that the application actually has multiple sources which are the usual setting of a mash-up. When we run a mash-up application, multiple sources are fired up which increase the data output of the ... Read Article

Even with all the flaws that we will find in an Ajax based website, there are security measures that we could do to ensure security in our website. Before we go to different security measures, let us first note one of the biggest problems in an Ajax based website and application: Source Code Availability. Some call it ldquo;Overly Granular ... Read Article

We have already laid out some of the loopholes that could be used by different hackers. In this article we will take a look at a very basic hack that could be done even by none-developers and how to prevent it. Personally, the biggest problem for any Ajax based developer is the transparency of the source code. To understand this let us take a ... Read Article

In a simple HTML website, developers will always have the luxury of keeping sensitive information to themselves. When you log in to the admin page of the website, the information that you see is solely for those who have proper authorization. Without username and password, hackers will have a really hard time figuring out how to access the ... Read Article

More and more Ajax developers are choosing JSON for their data transfer instead of XML. Although XML has been the pillar of Ajax (X is for XML), JSON has become the choice of most developers because it was particularly built for JavaScript. Compared to XML, JSON is lighter and will work faster compared to XML. This lightweight function enables ... Read Article

Cross Site Script or XSS is one of the popular methods for attacking not only to Ajax based websites but almost any other website that accepts user inputs. Even before Ajax was conceptualized, this attack was already practiced by different hackers. There was one hack that was used in 2005 wherein MySpace.com was targeted. It uses a simple ... Read Article

In order to protect websites, it is essential to know how it is going to be attacked. One such awareness is to know how to cure cross-site request forgery problem. Though website security may appear hyped, the type of attack that could be made possible justifies the security concerns. Today let us take a look at a very simple yet effective ... Read Article

One of Ajaxrsquo;s most important code functions is the XMLHttpRequest. Without this code, itrsquo;s almost impossible for an Ajax based program to run smoothly. Although we can find alternate coding for XMLHttpRequest, this code alone could save us hours of coding when we do it the other way. XMLHttpRequest could command JavaScript to POST, ... Read Article

We are always emphasizing on securing our websites especially when they are Ajax based. There are so many blogs that were written reminding developers the weakness of Ajax because of its complexity. Wersquo;ve also written ourselves some tips to ensure the program you just created is as user friendly as it is secure. But as time goes by, newer ...    Read Article

This app uses javascript and XMLHttpRequest. Your browser must have these enabled to try this out. I didn't put in code that would check for incompability, sorry. See limitations section below for ...   Read Article.

The ability of modern browsers to use asynchronous requests introduces a new type of attack vectors. In particular, an attacker can inject client side code to totally subvert the communication flow between client and server. In fact, advanced features of Ajax framework build up a new transparent layer not controlled by the user. This paper will ...   Read Article.