Network Computing is part of the Informa Tech Division of Informa PLC


The Dangers of AJAX

If any technology is closely associated with the Web 2.0 phenomenon, it's Asynchronous JavaScript and XML, aka AJAX. AJAX-based applications are all around us and, in theory, offer businesses a low-cost alternative to collaborative applications.
Put up an internal site, and with Mapable you can launch your own map-enabled chat rooms for free, transform your company's Web site with virtual worlds, or just get rid of your Office applications with an AJAX-enabled Word Processor and SketchPad.

And, like any good Microsoft application, AJAX-based apps may also form a vulnerability in the security fabric of your network. Navaho Gunleg reports on DarkNet how a hacker could use AJAX-based applications to execute some malicious operation on a visiting PC.

Business shouldn't get too paranoid about AJAX vulnerabilities, nor should it try to do something stupid like banning AJAX the way it's done with IM. A better approach is to work through the security community to understand AJAX's limitations and to push your security suppliers to deliver devices that can inspect AJAX content.

We can prevent malformed HTML or XML packets. AJAX is no different.