Points of Attack: PHP and Ajax
Aug 29, 2007, 07:30 (0 Talkback[s])
(Other stories by Matthew McCool)
Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers
"It's easy to get caught up in the dynamic potential of Ajax.
But with innumerable possibilities also comes increased risk. If
security isn't a major concern, it should be.
"Consider a registration form built out of PHP. Any aspect of
your script that accepts and processes data is a potential point of
attack. If you add Ajax, what youâ€™re doing is
increasing the complexity of the application and, by extension,
introducing greater vulnerability. More points of entry equal a
larger attack surface, and that means potential problems for your