Re: [Owasp-dotnet] Re: [SC-L] Is there any Security problem in Ajax technology?

2006-03-17 Thread George Capehart
Gadi Evron wrote: > > In other words, it's just Javascript. Do your coding securely. I don't > like the big buzz. This is nothing new. Hola Gadi! *grin* I absolutely agree. It is absolutely not new . . . >>> The challenge is in helping people to understand what a security >>> boundary is. T

Re: [Owasp-dotnet] Re: [SC-L] Is there any Security problem in Ajax technology?

2006-03-16 Thread Gadi Evron
George Capehart wrote: Yvan Boily wrote: Hi George, I think a much more eloquent form of what you are saying is that validation must be performed each time data crosses a security boundary. Hello Yvan, I absolutely agree. Wish I'd said it myself . . . :) In other words, it's just Javas

Re: [Owasp-dotnet] Re: [SC-L] Is there any Security problem in Ajax technology?

2006-03-16 Thread George Capehart
Yvan Boily wrote: > Hi George, > > I think a much more eloquent form of what you are saying is that > validation must be performed each time data crosses a security > boundary. Hello Yvan, I absolutely agree. Wish I'd said it myself . . . :) > > The challenge is in helping people to understan

Re: [Owasp-dotnet] Re: [SC-L] Is there any Security problem in Ajax technology?

2006-03-14 Thread Andrew van der Stock
Yes! :) I am speaking at the OWASP EU conference in Belgium (I hope people speak English 'cos my French is now quite appalling) at the end of May, and I have a paper submission for O'Reilly's OSCON in early July. I am still mulling over whether to submit a proposal to BlackHat as although

Re: [SC-L] Is there any Security problem in Ajax technology?

2006-03-14 Thread Gadi Evron
George Capehart wrote: Dinis Cruz wrote: I personally think that AJAX has the potential to create very insecure applications because it pushes the data validation and authorization layers back to the client (i.e. the browser) "AJAX brings 'Back the Rich Client' and all its security problems"

Re: [SC-L] Is there any Security problem in Ajax technology?

2006-03-13 Thread George Capehart
Dinis Cruz wrote: > I personally think that AJAX has the potential to create very insecure > applications because it pushes the data validation and authorization layers > back to the client (i.e. the browser) > > "AJAX brings 'Back the Rich Client' and all its security problems" > > Kentaro, on

re: [SC-L] Is there any Security problem in Ajax technology?

2006-03-06 Thread Dinis Cruz
I personally think that AJAX has the potential to create very insecure applications because it pushes the data validation and authorization layers back to the client (i.e. the browser) "AJAX brings 'Back the Rich Client' and all its security problems" Kentaro, on your AJAX application you must follow