Learn how AJAX is being used for good and evil. See where to find vulnerabilities (hint: not just in the code). Discuss methods others are using to overcome challenges and methods for securing AJAX-based applications.
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Scrubbing Your AJAX
1.
2. What is Cross Site Scripting
Cross Site Scripting (XSS) is a security exploit where
malicious scripts are injected into the URL (query strings?) or
form fields of a site and then run by unsuspecting victims.
Reflected
Stored
Local
3. Hacker Persuades Victim to click on a URL
Victim Clicks Link
Script Embedded in URL Steals Sensitive Info
Hacker
Victim
11. Javascript Hardening
Analyze Dom Modifications
document
window
Eval() (don’t use)
Regular Expressions
Remember
Hacker can see your javascript
Use a JSON Parser instead of Eval() (www.json.org)