The Hands-On, Practical Guide to Preventing Ajax-Related Security
Vulnerabilities

More and more Web sites are being rewritten as Ajax applications; even
traditional desktop software is rapidly moving to the Web via Ajax. But,
all too often, this transition is being made with reckless disregard for
security. If Ajax applications aren’t designed and coded properly, they
can be susceptible to far more dangerous security vulnerabilities than
conventional Web or desktop software. Ajax developers desperately need
guidance on securing their applications: knowledge that’s been virtually
impossible to find, until now.
Ajax Security systematically debunks today’s most dangerous
myths about Ajax security, illustrating key points with detailed case
studies of actual exploited Ajax vulnerabilities, ranging from MySpace’s
Samy worm to MacWorld’s conference code validator. Even more important,
it delivers specific, up-to-the-minute recommendations for securing Ajax
applications in each major Web programming language and environment,
including .NET, Java, PHP, and even Ruby on Rails. You’ll learn how to: