
ONLamp.com:
Points of Attack PHP and Ajax
August 28, 2007 @ 11:11:00

Matthew McCool has a few reminders for developers thinking of using Ajax in their applications, mainly that it has the potential to add another vulnerability to the application.

Consider a registration form built out of PHP. Any aspect of your script that accepts and processes data is a potential point of attack. If you add Ajax, what you're doing is increasing the complexity of the application and, by extension, introducing greater vulnerability. More points of entry equal a larger attack surface, and that means potential problems for your application.

He continues his login form example and mentions a few things you could do to help protect your application and its users (including using the escaping functions built into PHP to help remove some harmful input).


All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework