Ajax security is the source of a lot of anxiety. This is understandable, as Ajax is everywhere, and the consequences of an exploit can be devastating.
Ajax, however, is not inherently insecure. Security can be achieved by following basically the same security guidelines one uses for other languages, tailored to Ajax's specific needs.
In this podcast, expert Caleb Sima, co-founder and CTO of SPI Dynamics Inc. and director of SPI Labs, discusses security methods and tools for this oft misapplied language.
The podcast may be downloaded here:
Ajax security: A dynamic approach
(To listen to the podcast now, left click on the link. To download it and save it for later, right click on it.)
Note: The recording is soft, so you will need to increase the volume on your computer or MP3 player.
These tips and articles offer more information on this topic:
- Ajax security -- A reality check
- Ajax in Action -- Chapter 7, "Security and Ajax"
- How to safely deploy Ajax