This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Testing for AJAX Vulnerabilities (OWASP-AJ-001)"
Anushshetty (talk | contribs) (→Brief Summary) |
Anushshetty (talk | contribs) (→Brief Summary) |
||
Line 1: | Line 1: | ||
== Brief Summary == | == Brief Summary == | ||
<br> | <br> | ||
− | + | Asynchronous Javascript and XML [[(AJAX)]] is one of the latest techniques used by web application developers to provide a user experience similar to that of a local application. Since Ajax is still a new term, not much of a thought has been given towards its ecurity implications. | |
<br> | <br> | ||
Revision as of 19:22, 4 November 2006
Brief Summary
Asynchronous Javascript and XML (AJAX) is one of the latest techniques used by web application developers to provide a user experience similar to that of a local application. Since Ajax is still a new term, not much of a thought has been given towards its ecurity implications.
Description of the Issue
...here: Short Description of the Issue: Topic and Explanation
Vulnerabilties
There are differnt types of AJAX attacks. Most of the Javascript attacks holds good here. Usually anything to play with the parameters is an attack.
- SQL Injection
Black Box testing and example
Testing for Topic X vulnerabilities:
...
Result Expected:
...
Gray Box testing and example
Testing for Topic X vulnerabilities:
...
Result Expected:
...
References
Whitepapers
...
Tools
...
OWASP Testing Guide v2
Here is the OWASP Testing Guide v2 Table of Contents OWASP Testing Guide v2 Table of Contents
This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.