When Ajax Attacks! Web application security fundamentals

Flash Player 9 (or above) is needed to view presentations.
We have detected that you do not have it on your computer. To install it, go here.

1 comments

+ Imrose Dahoo 9 months ago
Thanks for sharing. Its interesting presentation.
http://www.discountwebdesign.co.uk/

Jagan Mohan, Test Manager at Sella Synergy India Ltd, favorited this 1 month ago
Tags attacks security
sravanw favorited this 2 months ago
Tags web attacks! ajax when application security fundamentals
ed23 favorited this 4 months ago
Bi Oliveira favorited this 4 months ago
Tags javascript ajax
sandeep_naharia favorited this 8 months ago
Tags when ajax attacks! web application security fundamentals
justplainjoey favorited this 9 months ago
kappa favorited this 9 months ago
cdb7575 favorited this 9 months ago
Tags js
Jens Grochtdreis, Senior Frontend Developer at SinnerSchrader/Frankfurt, favorited this 9 months ago
Tags ajax security
intriboard favorited this 9 months ago
Tags javascript ajax web security programming
Ylodi favorited this 9 months ago
Tags security ajax
Keith Gaughan, Software Developer at Blacknight Internet Solutions, Ltd., favorited this 9 months ago
Tags security webapps
sdhjl2000 favorited this 9 months ago
Tags xss
Renato Albano, frontend developer favorited this 9 months ago
Tags xss csrf jsonp json security ajax @mediaajax simon webdev
Fu Cheng, Software Engineer at IBM China Development Lab, favorited this 9 months ago
Tags ajax security

When Ajax Attacks! Web application security fundamentals Simon Willison, @media Ajax 2008
I’m here to scare you • XSS • PDF • CSRF • XBL • UTF-7 • HTC • crossdomain.xml • JSON and JSONP
A few years ago... • Web application security tutorials tended to boil down to three things: • Don’t trust input from users • Avoid SQL injection attacks • Don’t let people inject JS in to your pages
A few years ago... • Web application security tutorials tended to boil down to three things: • Don’t trust input from users Boring! • Avoid SQL injection attacks • Don’t let people inject JS in to your pages
A few years ago... • Web application security tutorials tended to boil down to three things: • Don’t trust input from use

+ simon, 9 months ago