Community discussion forum

Testing for Security in the Age of Ajax Programming

This is a comment thread discussing Testing for Security in the Age of Ajax Programming
  • 9 years ago

    This thread is for discussions of Testing for Security in the Age of Ajax Programming.

  • 1 year ago

    Hi,

    It looks like there is no flaw in the Ajax model, for the example you mentioned could have been tried with the non-Ajax model also and still the application could have been susceptible to SQL Injection attack, which is a basic attack. The basic flaw that I saw was that the programmer should have used Parameterized commands instead of inline SQL queries, or better still the 3-Tier Architecture using Parameterized commands, which is the most basic and common-sense approach to developing Web Applications.

    I don't think that having Ajax will save the programmer from the SQL Injection attack, because Ajax was not designed to secure the programmer from these attacks! I think it is stupid to even think in this direction: "... why is the application still susceptible to SQL Injection attack, even though I had Ajaxified it?"

    Ajax or no Ajax, first, the programmer should always get his basics clear!

    I really liked the spirit and the language of the article, thanks for this nice article.

    Regards,
    Mahernoz
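
The point raised in the comment above, as an added example that is not part of the original post or the article: the same data-access call sits behind a full-page request and an Ajax request, so only binding the value as a parameter changes the outcome. The `orders` table, the `handle` dispatcher and all sample rows are constructed for illustration, and Python with SQLite stands in for whatever stack the application uses.

```python
import html
import sqlite3

def make_db():
    """Build an in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE orders (id INTEGER PRIMARY KEY, customer TEXT, item TEXT)")
    db.executemany("INSERT INTO orders (customer, item) VALUES (?, ?)",
                   [("alice", "keyboard"), ("bob", "monitor"), ("carol", "laptop")])
    return db

def orders_inline(db, customer):
    # Vulnerable: the value is spliced into the SQL text, so it is parsed as SQL.
    sql = "SELECT item FROM orders WHERE customer = '" + customer + "'"
    return [row[0] for row in db.execute(sql)]

def orders_parameterized(db, customer):
    # Hardened: the value is bound as data and is never parsed as SQL.
    sql = "SELECT item FROM orders WHERE customer = ?"
    return [row[0] for row in db.execute(sql, (customer,))]

def handle(db, transport, customer, query):
    """Hypothetical handler: 'postback' and 'ajax' differ only in response shape."""
    items = query(db, customer)
    if transport == "ajax":
        return {"items": items}  # JSON-style body for an XMLHttpRequest caller
    # Full-page response; output is HTML-escaped before rendering.
    return "<ul>" + "".join("<li>%s</li>" % html.escape(i) for i in items) + "</ul>"

def rows_returned(db, transport, customer, query):
    """Count the rows that reach the client, whatever the transport."""
    body = handle(db, transport, customer, query)
    return len(body["items"]) if transport == "ajax" else body.count("<li>")

# Constructed test input: a quote that closes the string literal, then a tautology.
CRAFTED = "nobody' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    for transport in ("postback", "ajax"):
        for query in (orders_inline, orders_parameterized):
            print(transport, query.__name__, rows_returned(db, transport, CRAFTED, query))
```

With the inline query every row comes back over both transports; with the bound parameter the same input matches no customer.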
