ZDNet UK


Skip to Main Content

  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Jobs
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


Online business Toolkit

Download now

Scanning Ajax for XSS Entry Points

Publishernet-square
Format133.5KB PDFDate added15 Feb 2007
Topics XML, Java, Application Development
Downloads35

The continuous adoption of Web 2.0 architecture for web applications is instrumental in Ajax, Web services and Flash, emerging as key components. Ajax is a combination of technologies such as JavaScript with the XMLHttpRequest object, DOM and XML streams. Cross site scripting (XSS) can make browsers vulnerable to critical information hijacking if exploited with malicious intent. XSS is already categorized as persistent, non-persistent and DOM-based. Ajax code loaded in browser can have entry points to XSS and it is the job of the security analyst to identify these entry points. One may need to do a trace or debug to measure the risk of these entry points. This paper introduces one to a quick way to identify XSS entry points in an application.

Download now

Did you find this white paper useful?
25 out of 50 users found this white paper useful


  • Trackback
  • Clip Link

Related white papers

Getting Started with LINQ to XML

LINQ stands for Language Integrated Query. This new technology comes built into the NET Framework 3.5 and can be used with any of the different languages that run under NET....

Download Getting Started with LINQ to XML

Download


Opening Access to Office Information With OOXML

As the leading ratings expert in a media market, this company's production consisted of sorting and processing large amounts of data to create Microsoft Power Point presentations of charts and...

Download Opening Access to Office Information With OOXML

Download


Ontology-Based Semantic Metadata Validation

Much of the Semantic Web content is generated from databases, especially the instance data based on the ontology classes used in applications. A recurring problem is that the instance data...

Download Ontology-Based Semantic Metadata Validation

Download


Webinar on Blogging for Business

This webcast will explain what blogging means for your business and how you can "blog for business".

Download Webinar on Blogging for Business

Download


Experiments on Element and Document Statistics for XML Retrieval

This paper presents an information retrieval model on XML documents based on tree matching. Queries and documents are represented by extended trees. An extended tree is built starting from the...

Download Experiments on Element and Document Statistics for XML Retrieval

Download


Navigationless Database XML: Hierarchical Data Processing

XML data in standard database processing is not being used fully or correctly in business applications today. Current XML hierarchical database query processing is basically limited to single path linear...

Download Navigationless Database XML: Hierarchical Data Processing

Download


A Generic, Reusable Solution for Marshalling Java Objects To/From XML

Solving the same problems over and over again can be quite tiring for a software engineer, yet the object persistence wheel has been reinvented more times than one would like...

Download A Generic, Reusable Solution for Marshalling Java Objects To/From XML

Download


White Paper

Featured White Paper

Video case study

Duncan Scott, CIO of DTZ, talks about their global email project and how Mimecast has helped them with their challenges operating as a multinational business

Download Now

Other White Papers

Software Configuration Management: The Foundation of Global Distributed Development Today

By distributing development, you can create a collaborative work environment staffed by the best...

Ten Things to Know About Grid Computing on Windows

This Oracle whitepaper offers insights into Oracle Grid. A grid allows a business to add capacity,...

See All White Papers