HomeASP.NET Weblogs
All Tags » JavaScript » Security (RSS)

Browse by Tags

Related Posts

  • IE7 and no native XMLHttpRequest support

    This weekend I had a deep look on the native XMLHttpRequest support with the new Internet Explorer version 7 which is still in beta. If you do a Google search for " native xmlhttp support ie " you will read that everyone is happy with this native support. Yes, it is the first step to have XMLHttpRequest...
    Posted to Ajax.NET Professional - AJAX and JSON made easy! (Weblog) by Michael Schwarz on 07-03-2006, 12:00 AM
    Filed under: Security, Web 2.0, AJAX, Ajax.NET, IE, JavaScript, Source Code, ASP.NET

  • Ajax.NET Professional 6.6.2.2 with new Converters

    I put the new version online, download the latest DLL at http://www.ajaxpro.info/ . There are a lot of performance changes done, and the lib is now working perfect with the script.aculo.us effects. A not yet finished updated version of the Starter Kit is online, see http://munich.schwarz-interactive...
    Posted to Ajax.NET Professional - AJAX and JSON made easy! (Weblog) by Michael Schwarz on 06-02-2006, 12:00 AM
    Filed under: Security, Web 2.0, AJAX, Ajax.NET, Ajax.NET Release, JavaScript, JSON, .NET, ASP.NET, Starter Kit

  • Web = Minefield

    A simple way to compromise security of computers everywhere. How nice. AttackAPI (0.6) August 31st, 2006 AttackAPI provides simple and intuitive web programmable interface for composing attack vectors with JavaScript and other client (and server) related technologies. The current release supports several...
    Posted to Jesse Ezell Blog (Weblog) by Jesse Ezell on 09-07-2006, 12:00 AM
    Filed under: General Software Development, Javascript, Hack, Security

  • Avoid using Impersonation in ASP.NET

    Scott Hanselman is writing on his blog : The MSDN Docs are very careful not to recommend using impersonation it affects connection pooling when talking to databases downstream. The suggestion that one takes care when using impersonation has been in place since its inception. [...] ScottGu has a good...
    Posted to Ajax.NET Professional - AJAX and JSON made easy! (Weblog) by Michael Schwarz on 10-24-2006, 12:00 AM
    Filed under: AJAX, Ajax.NET, ASP.NET, .NET, JavaScript, Security

  • The top 10 mistakes when using AJAX

    The last months I found more and more web sites that make a heavy use of AJAX to be on the Web 2.0 train, but a lot of them are very strange because they are slower than before, you will get more errors and sometimes nothing does work (i.e. when running on a mobile device). Here are my top 10 mistakes...
    Posted to Ajax.NET Professional - AJAX and JSON made easy! (Weblog) by Michael Schwarz on 11-20-2006, 12:00 AM
    Filed under: JavaScript, .NET, ASP.NET, Security, AJAX

  • Are we ready for AJAX?

    I had a watch today on the webcast How Hackers Reverse Engineer and Exploit an Ajax Application . There wasn't any new security issue as we already should know as AJAX or web application developers. Samples did show how to hack the AutoComplete.asmx web service (using ASP.NET AJAX ) which was used...
    Posted to Michael's Blog (Weblog) by Michael Schwarz on 01-25-2007, 12:00 AM
    Filed under: AJAX, ASP.NET, JavaScript, Atlas, Security

  • JSON Hijacking and How Ajax.NET Professional (AjaxPro) Avoids these Attacks

    There are a couple of web sites reporting about security issues that hackers can use to invoke AJAX methods or use the JSON output to get data from other web applications. Specificallly, these attacks use HTTP GET requests invoked via an HTML <script src=""> include element to circumvent...
    Posted to Michael's Blog (Weblog) by Michael Schwarz on 04-07-2007, 12:00 AM
    Filed under: AJAX, Ajax.NET, ASP.NET, JavaScript, Security, XSS

  • Trackbacks, Who Is Linking You and where you should pay attention

    Today I opened the turkish version of Google and did a search for something I cannot remember. The thing was that I didn't hit enter, instead I clicked on the button Google'da Ara . What I noticed then was that the ' was not correct url encoded. Hm, nothing you have to care about. But after...
    Posted to Michael's Blog (Weblog) by Michael Schwarz on 04-12-2007, 12:00 AM
    Filed under: ASP.NET, JavaScript, Security, IE, XSS, Fiddler

  • Looking Forward to next AjaxPro Release

    Some developers mentioned that it would be nice if Ajax.NET Professional could be more JSON compliant to use with some JavaScript frameworks that are not using the eval statement. And, if you have a look at json.org JSON message always have to be an object or array, not a string or boolean directly....
    Posted to Michael's Blog (Weblog) by Michael Schwarz on 04-13-2007, 12:00 AM
    Filed under: AJAX, Ajax.NET, ASP.NET, JavaScript, Security, Ajax.NET Release, JSON

  • Trackbacks, Who Is Linking You and where you should pay attention

    Today I opened the turkish version of Google and did a search for something I cannot remember. The thing was that I didn't hit enter, instead I clicked on the button Google'da Ara . What I noticed then was that the ' was not correct url encoded. Hm, nothing you have to care about. But after...
    Posted to Michael's Blog (Weblog) by Michael Schwarz on 04-12-2007, 12:00 AM
    Filed under: ASP.NET, JavaScript, Security, IE, XSS, Fiddler
Page 1 of 2 (19 items) 1 2 Next >

Advertise on ASP.NET

About this Site

Page view counter