Saturday, July 7, 2007

JavaScript Hijacking

Excellent paper on JavaScript Hijacking. Javascript is not protected in the same way that HTML is on the web page and since on AJAX powered sites it can be used to access sensitive data there is an inherent security risk (which can be quite easily controlled as it turns out).

No comments: