Securing Ajax Applications
Ensuring the Safety of the Dynamic Web
Publisher: O'Reilly Media
Final Release Date: July 2007
Pages: 256

Ajax applications should be open yet secure. Far too often security is added as an afterthought. Potential flaws need to be identified and addressed right away. This book explores Ajax and web application security with an eye for dangerous gaps and offers ways that you can plug them before they become a problem. By making security part of the process from the start, you will learn how to build secure Ajax applications and discover how to respond quickly when attacks occur.

Securing Ajax Applications succinctly explains that the same back-and-forth communications that make Ajax so responsive also give invaders new opportunities to gather data, make creative new requests of your server, and interfere with the communications between you and your customers. This book presents basic security techniques and examines vulnerabilities with JavaScript, XML, JSON, Flash, and other technologies -- vital information that will ultimately save you time and money.

Topics include:

  • An overview of the evolving web platform, including APIs, feeds, web services and asynchronous messaging
  • Web security basics, including common vulnerabilities, common cures, state management and session management
  • How to secure web technologies, such as Ajax, JavaScript, Java applets, ActiveX controls, plug-ins, Flash and Flex
  • How to protect your server, including front-line defense, dealing with application servers, PHP and scripting
  • Vulnerabilities among web standards such as HTTP, XML, JSON, RSS, ATOM, REST, and XDOS
  • How to secure web services, build secure APIs, and make open mashups secure

Securing Ajax Applications takes on the challenges created by this new generation of web development, and demonstrates why web security isn't just for administrators and back-end programmers any more. It's also for web developers who accept the responsibility that comes with using the new wonders of the Web.

Customer Reviews



(based on 1 review)


(2 of 2 customers found this review helpful)


Excellent Coverage of AJAX/Web Security

By jdruin

from KY

About Me Developer, Educator

Verified Reviewer


  • Accurate
  • Easy to understand
  • Well-written


    Best Uses

    • Expert
    • Intermediate
    • Novice
    • Student

    Comments about oreilly Securing Ajax Applications:

    Based on the OWASP top ten guidelines, this book does a great job of covering the major issues surrounding the use of AJAX-type technologies in web applications.

    Early in chapters 1-3, the author lays the foundation by explaining some of the history of the web and how we arrived at today. In the middle chapters, the author shows how to protect AJAX portions of web applications on the server and with various protocols (JSON, XML, etc.)

    The advice is geared towards asynchronous (background) calls to web services, but the information could be applied to any web page whether AJAX is used or not.

    This book is recommended for web developers of all types. The coverage of web security concepts such as separation of duties, least privilege, validation, authorization, authentication, and other topics is fundamental enough to help any developer build more secure applications.
