Mon Mar 17 17:25:33 GMT 2008

ajax security



Some simple rules:

If you use user authentication, make sure you check for it on the request page!
Check for SQL Injections
Check for JavaScript Injections
Keep the Business Logic on the server!
Don't assume every request is real!
Check the data with validation!
Look at the request’s header information and make sure it is correct

http://radio.javaranch.com[..]pascarello/2005/11/16/1132198968655.html
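
A server-side handler that applies the rules above to one AJAX title-search request. This is an added example, not code from the original post or the linked article; the request dictionary, session table, allowed origin and validation pattern are assumptions constructed for illustration.

```python
import html
import re
import sqlite3

# Constructed sample data: in-memory notes table and one server-side session.
DB = sqlite3.connect(":memory:")
DB.execute("CREATE TABLE notes (owner TEXT, title TEXT)")
DB.executemany("INSERT INTO notes VALUES (?, ?)",
               [("alice", "<b>todo</b>"), ("bob", "secret plan")])
SESSIONS = {"sid-123": "alice"}          # hypothetical session id -> user
ALLOWED_ORIGIN = "https://app.example"   # assumed origin of the site
QUERY_RE = re.compile(r"[\w ']{1,40}")   # assumed rule for a title search


def handle_search(request):
    """Serve one AJAX title search; returns (status, body)."""
    # Authentication is checked on the requested endpoint itself.
    user = SESSIONS.get(request.get("cookies", {}).get("sid"))
    if user is None:
        return 401, "login required"
    # Header checks reject cross-site and non-AJAX callers. A non-browser
    # client can forge headers, so this supplements the session check.
    headers = request.get("headers", {})
    if headers.get("Origin") != ALLOWED_ORIGIN:
        return 403, "unexpected origin"
    if headers.get("X-Requested-With") != "XMLHttpRequest":
        return 400, "not an AJAX request"
    # Server-side validation, whatever the client script already checked.
    query = request.get("params", {}).get("q", "")
    if not QUERY_RE.fullmatch(query):
        return 400, "invalid query"
    # Business logic on the server: the owner comes from the session, never
    # from a request parameter. Bound parameters keep input out of the SQL.
    rows = DB.execute(
        "SELECT title FROM notes WHERE owner = ? AND title LIKE ?",
        (user, "%" + query + "%")).fetchall()
    # Encode stored text before it is placed into the page.
    return 200, [html.escape(title) for (title,) in rows]


def sample_request(q, sid="sid-123", origin=ALLOWED_ORIGIN):
    """Build a constructed request dict for demonstration."""
    return {"cookies": {"sid": sid}, "params": {"q": q, "owner": "bob"},
            "headers": {"Origin": origin,
                        "X-Requested-With": "XMLHttpRequest"}}
```

The constructed request always carries `owner=bob`, which the handler ignores because the owner is taken from the session.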

