You may write a "proxy" that sits between your client and your internal databroker which only allows some defined methods and params? What else was the question?
Regards 2010/5/6, Ed Carp <e...@pobox.com>: > Just for clarification, the business wants to put client-side > Javascript on a customer-facing web site, and it's my job to figure > out how to protect the back-end web services...sigh... > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/