roncli.com blog
The blog of roncli
roncli.com blog
roncli.com
blog
Profile
roncli
Houston, Texas, United States
Labels
Coding
CTG Music
Editorials
Games
Miscellaneous
Music
Servers
Silliness
Software
Sports
Trax in Space Beta
Weather
Recent Posts
Where have the days gone?
SQL Server & Visual Studio 2005
CAPTCHA
Due Process
And to top off my night...
A story
Another Late Night
TopCoder
Google Desktop 2 out of Beta
Little bit of Cent progress
Wednesday, November 23, 2005
AJAX not ready for prime time just yet
Posted: 12:33:00 AM 0 comments
I was playing around and got my first full page designed using ASP.Net 2.0 and AJAX.Net Professional. Then I had this thought go off in my head like an alarm siren. How am I going to stop hackers from sending Javascript requests through their browser to my server? The answer, unfortunately, is I'm not.

Security in AJAX is kind of crap. I still have to do all my validation on the server side if I want to make sure that the data I am getting is secure. I mean, it can be done, but it's such a hassle that I might as well do it server side anyway. ASP.Net is quick enough for it.

I may still do some implementations of AJAX to speed things up in areas where the user isn't posting data to the server. Perhaps when/if secuirty improves, and I'm not sure it can, I'll take another look at it.

Perhaps that is why it's been around for so long and just hasn't gotten used. You get one big company who takes the time and effort to go through it and do things the right way, and now everyone thinks they can do it. Although I for one won't be surprised if we ever hear about GMail getting hacked somehow.

Oh wait.

Labels: ,



0 Comments

Post a Comment