# Wednesday, August 10, 2005
« My First "Real" .NET Compact Framework A... | Main | Are you a Show Off? »
"AJAX" as a security risk?

I just read an article on DevX that explains how unscrupulous people can use the XMLHttpRequest (also know as "AJAX") to send anything and everything that you type into a text box on a web site back to the server. I also saw an e-mail the other day on how cool the new Google toolbar is because it uses this technology to do spell checking on ANY web page. Now I have not tried the toolbar so I am not sure how you are told that something is misspelled or if you are prompted to correct it but I can easily see how many a porn purveyor would love to know how people misspell popular domain names so they can know which ones make sense for them to register.

I am normally not all that paranoid but this article has got me to thinking. I am not sure what I can do other than to turn off scripting which will break a lot of other things or to run something like Ethereal to watch all traffic going to sites I am not quite sure of. It will not stop the information from going out but at least I will know and can then choose to avoid those sites.

Technology
Wednesday, August 10, 2005 5:40:24 PM (Mountain Standard Time, UTC-07:00)  #    Disclaimer  |  Comments [0]  |  Related posts:
Intellectual Property and the Internet
19 Reasons Why Microsoft is Huge with Developers (and 1 Reason Why Not)
Oracle to Buy Sun – A New Platform Contender
2009 Predictions
Microsoft - Whatever I Did I am Sorry! Can I Please Send E-mail Now?
Do You Know How Fast Your Computer Is?
Comments are closed.