关于Javascript安全问题的书,或者可以说是调查,有兴趣地可以看看,对program safe ajax application很有用!
内容
An increasing number of rich Web applications, often called Ajax applications, make use of
JavaScript as a data transport mechanism. This paper describes a vulnerability we term JavaScript
Hijacking, which allows an unauthorized party to read confidential data contained in JavaScript
messages. The attack works by using a