AJAX Security



  1. #1
    Join Date
    Aug 2008
    Posts
    5

    AJAX Security

    I have implemented inline editing. The server-side script accepts the following information, which it receives from the client-side script: Table Name, Unique Field (to find which row to update), Unique Field Value, Field to update & value of field to update. What I am worried about however, is that the data sent to the server-side script can easily be changed by using something like Firebug, or a hacker could even create a new form and post it to my server-side script, and it would execute it. In this way, they could update any field in any table they like..

    How do I solve this problem?

    Regards,
    OGLES

  2. #2
    Join Date
    Apr 2007
    Location
    Sterling Heights, Michigan
    Posts
    8,666
    Welcome to DevX

    Do you have proxy servers and/or firewalls set up?
    I don't answer coding questions via PM or Email. Please post a thread in the appropriate forum section.
    Please use [Code]your code goes in here[/Code] tags when posting code.
    Before posting your question, did you look here?
    Got a question on Linux? Visit our Linux sister site.
    Modifications Required For VB6 Apps To Work On Vista

  3. #3
    Join Date
    Aug 2008
    Posts
    5
    erm, no..

  4. #4
    Join Date
    Apr 2007
    Location
    Sterling Heights, Michigan
    Posts
    8,666
    That would be my first step.

    Are you familiar with what I'm referring to?

  5. #5
    Join Date
    Aug 2008
    Posts
    5
    heh..

    no..

    I'm familiar with what you have stated, but I don't understand how to implement it with regards to my website..

  6. #6
    Join Date
    Apr 2007
    Location
    Sterling Heights, Michigan
    Posts
    8,666

  7. #7
    Join Date
    Aug 2008
    Posts
    5
    Ok, so basically I spend a lot of $$$ to buy some third-party software that does the job for me?

  8. #8
    Join Date
    Apr 2007
    Location
    Sterling Heights, Michigan
    Posts
    8,666
    Perhaps not a lot, but some for sure.

    Peace of mind is seldom inexpensive.

  9. #9
    Join Date
    Aug 2008
    Posts
    5
    Hmm, not my style. And besides, firewall maintenance sounds like anything but "peace of mind".. :P

    Anyhow, I've thought of a perfect software hack for the problem..

    Thanks for the help anyway though..

  10. #10
    Join Date
    Apr 2007
    Location
    Sterling Heights, Michigan
    Posts
    8,666
    I'm curious....
    Quote Originally Posted by OGLES
    I've thought of a perfect software hack for the problem..
    what would that be?

  11. #11
    Join Date
    May 2007
    Posts
    6
    The best thing to do would be some good server-side validation prior to any database writing.
    More on PHP Ajax and other technologies @ my homepage:
    www.tejuspratap.com
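
The server-side validation suggested in post #11, applied to the inline-editing request described in post #1, as an added example that is not part of the original thread. Python with sqlite3 is an assumption (the thread does not name the server-side language), and the table, the column names and the session user id are hypothetical.

```python
import sqlite3

# Hypothetical allowlist: the only table, key column and fields the inline
# editor may touch, each field with a validator for the submitted value.
EDITABLE = {
    "profiles": {
        "key": "id",
        "owner": "user_id",
        "fields": {
            "display_name": lambda v: isinstance(v, str) and 0 < len(v) <= 40,
            "age": lambda v: isinstance(v, int) and 0 <= v <= 150,
        },
    },
}


class Rejected(Exception):
    """Raised when a request falls outside what the server allows."""


def inline_update(db, session_user_id, table, key_field, key_value, field, value):
    spec = EDITABLE.get(table)
    if spec is None or key_field != spec["key"]:
        raise Rejected("table or key field not editable")
    check = spec["fields"].get(field)
    if check is None or not check(value):
        raise Rejected("field not editable or value invalid")
    # Identifiers have now been matched against the allowlist; values are
    # bound as parameters. The owner clause limits the write to rows that
    # belong to the logged-in user, taken from the server-side session.
    sql = (f'UPDATE "{table}" SET "{field}" = ? '
           f'WHERE "{spec["key"]}" = ? AND "{spec["owner"]}" = ?')
    cur = db.execute(sql, (value, key_value, session_user_id))
    if cur.rowcount != 1:
        raise Rejected("row not found or not owned by this user")
    db.commit()
    return cur.rowcount


def demo_db():
    # Constructed sample data for the example.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE profiles (id INTEGER PRIMARY KEY, user_id INTEGER,"
               " display_name TEXT, age INTEGER, is_admin INTEGER DEFAULT 0)")
    db.executemany(
        "INSERT INTO profiles (id, user_id, display_name, age) VALUES (?,?,?,?)",
        [(1, 10, "alice", 30), (2, 20, "bob", 41)])
    return db
```

A request edited in Firebug or posted from a hand-built form reaches the same function, so a table, field or row outside the allowlist and the session user's own data is refused before any write happens.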
