Points of Attack: PHP and Ajax
Aug 29, 2007, 07:30 (0 Talkback[s])
(Other stories by Matthew McCool)
"It's easy to get caught up in the dynamic potential of Ajax.
But with innumerable possibilities also comes increased risk. If
security isn't a major concern, it should be.
"Consider a registration form built out of PHP. Any aspect of
your script that accepts and processes data is a potential point of
attack. If you add Ajax, what youâ€™re doing is
increasing the complexity of the application and, by extension,
introducing greater vulnerability. More points of entry equal a
larger attack surface, and that means potential problems for your