关于Javascript安全问题的书，或者可以说是调查，有兴趣地可以看看，对program safe ajax application很有用！

内容
An increasing number of rich Web applications, often called Ajax applications, make use of
JavaScript as a data transport mechanism. This paper describes a vulnerability we term JavaScript
Hijacking, which allows an unauthorized party to read confidential data contained in JavaScript
messages. The attack works by using a