1. Home
  2. Forums Index
  3. WebmasterWorld / Webmaster General 6:20 am May 22, 2026

Forum Moderators: phranque

Message Too Old, No Replies

The Security Risk In Web 2.0

         

engine

4:17 pm on Jul 28, 2006 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month




Web 2.0 is causing a splash as it stretches the boundaries of what Web sites can do. But in the rush to add features, security has become an afterthought, experts say.
...

"We're continuing to make the same mistakes by putting security last," said Billy Hoffman, lead engineer at Web security specialist SPI Dynamics. "People are buying into this hype and throwing together ideas for Web applications, but they are not thinking about security, and they are not realizing how badly they are exposing their users."

The security risk in Web 2.0 [news.com.com]

BananaFish

4:54 pm on Jul 28, 2006 (gmt 0)

10+ Year Member



Poppycock. Sure enabling javascript makes cross site scripting an issue it's no more of an issue simply because the XHTTP object is used. Just as with spam and phishing scams, the real danger of the XHTTP object is unscrupulous webmasters. Data can be captured from the keystroke rather than submitting a form. This is really the most blaring security concern.

garann

5:26 pm on Jul 28, 2006 (gmt 0)

10+ Year Member



This is goofy, as are the other articles of its ilk. Hold on - once we start using AJAX, we still have to check our users' credentials on each request and take precautions against cross-site scripting? Wow, really?
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. WebmasterWorld / Webmaster General 6:20 am May 22, 2026