"Ajax is considered the next step in a progression towards the
trumpeted, "Web 2.0." The purpose of this article is to introduce some
of the security implications with modern Ajax web technologies. Though
Ajax applications can be more difficult to test, security professionals
already have most of relevant approaches and tools needed. The authors
will discuss if today's popular need to say goodbye to the full webpage
refreshes using Ajax also means we are saying hello to some new
security holes. We will begin with a brief discussion of the technology
behind Ajax followed by a discussion on the security impact of
applications using Ajax technology."
Article Link: http://www.securityfocus.com/infocus/1868
