begin quoting James G. Sack (jim) as of Fri, Dec 01, 2006 at 12:36:17PM -0800: > Today's /. has a useful reference to "Myth-Busting AJAX (In)security" > > http://www.whitehatsec.com/home/resources/articles/files/myth_busting_ajax_insecurity.html > > My bottom line paraphrasal: > it doesn't make things any worse than javascript and http itself.
My take was that AJAX doesn't introduce any _new_ security problems. Aside from training users to leave Javascript enabled by default, and to avoid using tools like NoScript or Muffin. -- _ |\_ \| -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
