The Dark Side of AJAX - JavaScript Hijacking and How it Works

Original post provided by Latest News from AJAXWORLD MAGAZINE

With so many Web 2.0 applications being written in AJAX, it was only a matter of time before the vulnerabilities began to crop up, but no one expected the unusual form they would take. This session, by the man who discovered the first cross-vendor AJAX vulnerability (JavaScript Hijacking), will detail it and other security concerns while also discussing ways that AJAX could be implemented to make it less risky. Finally, we will take a look at AJAX security incidents to date and identify the ways that increased adoption of AJAX is likely to change the way hackers behave.
