Preventing AJAX Hacking Data Validation

Since AJAX runs completely within the web browser on the client side, you can't do anything to stop an attacker from analyzing and manipulating the HTML or JavaScript code. Some developers attempt to make the code hard to read, and therefore hard to analyze, by placing the entire program on one line or even by encoding the HTML so it cannot be seen. These tricks may deter script kiddies; however, dedicated attackers who wish to analyze and manipulate the code will simply use the tricks described previously to negate these "security" efforts.

The only real way to prevent AJAX hacking is to implement proper server-side input and output validation. Even if the attacker enumerates every single AJAX call and every single parameter, proper input and output validation techniques will ensure that they cannot manipulate the functionality of the application to perform undesirable actions.
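The following sketch shows what server-side input and output validation can look like for a single AJAX call. It is an added example, not code from the original article; the comment endpoint, its parameter names (`postId`, `rating`, `text`) and their limits are assumptions chosen for illustration.

```javascript
// Added example. The endpoint, parameter names and limits are assumptions.
// Each rule is enforced on the server, whatever the browser-side script did.
const RULES = {
  postId: (v) => typeof v === 'string' && /^[0-9]{1,10}$/.test(v),
  rating: (v) => Number.isInteger(v) && v >= 1 && v <= 5,
  text: (v) => typeof v === 'string' && v.length >= 1 && v.length <= 500,
};
const hasOwn = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Input validation: parse the raw request body and accept only known,
// well-typed, in-range parameters. Unknown parameters are rejected.
function validateInput(rawBody) {
  let body;
  try {
    body = JSON.parse(rawBody);
  } catch (err) {
    return { ok: false, errors: ['body is not valid JSON'] };
  }
  if (body === null || typeof body !== 'object' || Array.isArray(body)) {
    return { ok: false, errors: ['body must be a JSON object'] };
  }
  const errors = [];
  for (const key of Object.keys(body)) {
    if (!hasOwn(RULES, key)) errors.push('unexpected parameter: ' + key);
  }
  for (const key of Object.keys(RULES)) {
    if (!hasOwn(body, key) || !RULES[key](body[key])) {
      errors.push('invalid or missing parameter: ' + key);
    }
  }
  if (errors.length > 0) return { ok: false, errors };
  return { ok: true, value: { postId: body.postId, rating: body.rating, text: body.text } };
}

// Output validation: encode stored text before it goes back into HTML.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function encodeHtml(s) {
  return s.replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

// Handler for the hypothetical AJAX call; returns the response to send.
function handleComment(rawBody) {
  const result = validateInput(rawBody);
  if (!result.ok) return { status: 400, errors: result.errors };
  const { rating, text } = result.value;
  return { status: 200, html: '<li data-rating="' + rating + '">' + encodeHtml(text) + '</li>' };
}
```

A request with a tampered `rating`, an extra parameter, or a malformed body gets a 400 response regardless of what the client-side code allowed, and any markup in `text` is returned encoded rather than as live HTML.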
