Today's /. has a useful reference to "Myth-Busting AJAX (In)security"
http://www.whitehatsec.com/home/resources/articles/files/myth_busting_ajax_insecurity.html My bottom line paraphrasal: it doesn't make things any worse than javascript and http itself. The author is selling a product, but the article content is nevertheless readworthy (including some decent general advice). Some of the /. comments raise strawman-argument or whitewash/diversion issues, but I still think it's well written. There are some other whitepapers that might be interesting, which require registration to download. Guess I might sample them, on the basis of the above article's quality. Regards, ..jim -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
