Hands-On, Practical Guide Preventing Ajax-Related Security Vulnerabilities The more Web sites to be rewritten as Ajax applications; even traditional desktop software with a quick move to the Web via Ajax. Ajax Security systematically debunks today? S most dangerous myths about Ajax security, the key points that describe the detailed case studies of actual exploited Ajax vulnerabilities, ranging from MySpace validator? S s Samy worm to the conference? MacWorld code. ? You will learn how to: Reduce the unique risks associated with Ajax, including Web services are too granular, application flow control interference and manipulation of program logic Write new Ajax code more secure and identify? And fix flaws in existing code Prevent appear Ajax-specific attacks, including JavaScript hijacking and persistent storage theft Avoid attacks based on XSS and SQL Injection? Includes dangerous SQL Injection variant that can extract the entire backend database with just two requests Leverage security built into Ajax frameworks like Prototype, Dojo, and ASP.NET AJAX Extensions? And acknowledge what still must implement their own Create a more secure? Mashup? application Ajax Security will be an indispensable resource for developers coding or maintaining Ajax applications, architects and development managers planning or designing new Ajax software, and security of all software professionals, from QA specialists to penetration testers.