[LINK] AJAX May Be Considered Harmful
brd at iimetro.com.au
brd at iimetro.com.au
Mon Jan 8 13:49:26 AEDT 2007
AJAX May Be Considered Harmful
Slashdot
http://it.slashdot.org/it/07/01/06/216245.shtml
"Security lists are abuzz about a presentation from the 23C3
conference<http://events.ccc.de/congress/2006/Home>, which details a
fundamental design flaw in Javascript
<http://events.ccc.de/congress/2006/Fahrplan/events/1602.en.html>.
The technique, called Prototype Hijacking, allows an attacker to redefine any
feature of Javascript.
The paper is called 'Subverting AJAX'
<http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf>
(pdf), and outlines a possible Web Worm that lives in the very fabric of Web 2.0
and could kill the Web as we know it."
--
Regards
brd
Bernard Robertson-Dunn
Sydney Australia
brd at iimetro.com.au
----------------------------------------------------------------
This message was sent using iiMetro WebMail
More information about the Link
mailing list