AJAX & Security

Mixing Ajax and Full Requests in JSF 2.0

Fri, 02 Oct 2009 13:30:00 EDT

JSF 2.0 makes ajax pretty easy - but it can't hide everything from you... It's tempting to just add a few ajax tags into your page, and not worry too much about interactions - here's one example of a problem you may run into.

Using ASP.NET MVC Action Filters to Declare Reference Data for Views

Fri, 02 Oct 2009 12:17:00 EDT

When we all build websites, usually we're concerned with figuring out how we're going to get the major entities into the view. We want to know how we're going to handle the shopping cart or how we're going to get the customer record onto the page, etc. But, one of the little details that almost always comes back to bite us in the ass is the use of reference data. Reference data is data that rarely changes, is frequently queried, and shows up in multiple places throughout the application. This might be anything from the list of companies currently trading on a particular stock market if you're building a financial web application or things like the list of countries, states, cities, counties, tax rules, and shipping tables if you're doing fulfillment of orders online.

JavaScript Hijacking: Only 1 Out 12 Popular AJAX Frameworks Prevents It

Fri, 14 Nov 2008 05:40:00 EST

Although the term "Web 2.0" does not have a rigorous definition, it is commonly used in at least two ways. First, it refers to Web applications that encourage social interaction or collective contribution for a common good. Second, it refers to Web programming techniques that lead to a rich and user-friendly interface. These techniques sometimes go by the name Asynchronous JavaScript and XML (AJAX), though many implementations don't use XML at all.

SOA Created AJAX and Rich Internet Applications

Thu, 22 May 2008 12:00:00 EDT

SOA has come a long way from a concept to wide-scale adoption by the enterprise at multiple layers of IT. SOA implementation at the UI layer is the latest in SOA adoption trends. SOA has manifested itself in a number of flavors such as the creation of a rich user experience by using technology like AJAX, provisioning value-added services by mashing up data from multiple sources, community-based peer-to-peer interactions, creating collective intelligence, creating collaborative platforms often catering to a trusted community, and creating modular content-based sites.

Where Are RIA Technologies Headed in 2008?

Sat, 23 Feb 2008 02:45:00 EST

I am always being told off by i-technologists for quoting Picasso as having said that computers are useless. But I still love his reasoning: 'Because they can only give you answers.' Picasso, like AJAXWorld Magazine, liked questions. So we thought we would share with you what some of the world's leading rich Internet application pioneers are thinking may be the next questions that we need to see answered. From that, readers can themselves infer: where is AJAX headed next?

AJAX & Security: Vulnerability in DWR Security Logic Identified

Mon, 08 Jan 2007 18:15:00 EST

A significant vulnerability in the security logic of a well known open source AJAX library called DWR has been identified by the Imperva Application Defense Center.

Might "Prototype Hijacking" Subvert AJAX?

Sun, 07 Jan 2007 12:45:00 EST

Does JavaScript, which was never intended to do anything resembling what it does within the approach now called AJAX, have a fundamental design flaw? That's the question being asked by Stefano Di Paola and Giorgio Fedon.