CERIAS : Shiflett on the danger of cross-domain AJAX scripting

Shiflett on the danger of cross-domain AJAX scripting

Wednesday, August 09, 2006 by Ed Finkler in Secure IT Practices

Chris Shiflett has posted a good piece in his blog on the potential danger of cross-domain AJAX scripting (digg here). When Chris and I discussed this at OSCON, I was pretty surprised that anyone would think that violating the same-origin restrictions was in any way a good idea. His post gives a good example of how dangerous this would be.

Tags for this post:

Comments

Thanks for the link.

Now there’s more to the story:

http://shiflett.org/archive/263

Posted by Chris Shiflett on Sunday, September 24, 2006 at 01:35 PM

Page 1 of 1 pages

Footer

RSS Feeds

Combined XML Feed News XML Feed Events XML Feed Weblogs XML Feed Security Seminar Podcast Twitter: @cerias, @ceriasarchive, #cerias

CERIAS, Purdue University / Recitation Building / 656 Oval Drive / West Lafayette IN 47907-2086
phone (765)494-7841 / fax (765)496-3181

Copyright © 2013, Purdue University, all rights reserved. Purdue University is an equal access/equal opportunity university.
If you have trouble accessing this page because of a disability, please contact the CERIAS webmaster at webmaster@cerias.purdue.edu. Some content on this site may require the use of a special plug-in or application. Please visit our plug-ins page for links to download these applications.
Privacy Policy

Site Navigation

Shiflett on the danger of cross-domain AJAX scripting

Comments

Leave a comment

Current News

CERIAS Weblogs

Upcoming Events

Footer

RSS Feeds