New Web Technologies Such as AJAX Create New Security Challenges
Article by Rick Leinecker, June 3, 2007
It's the holy grail of Web developers: create a Web application that is rich and attractive, yet responsive. Those two goals give results at opposite ends of the spectrum. Web sites with rich content look attractive with their many graphical resources, but this slows down the page load time and can make the page response sluggish. The typical way to make a Web site more responsive is to remove unnecessary items such as graphics and sound. So these two goals of rich content and responsive Web sites become a balancing act that Web developers must carefully manage.
I won't go into any technical details. But I do want to give you the single largest reason for the success of AJAX. It allows Web developers to treat sections of Web pages as separate entities. In the past Web developers had to treat an entire page as a single entity. Now, a button click can respond to the user and deliver content for a small part of the page without having to refresh the entire screen.
AJAX is a net gain for Web users. It delivers on its promise of richer Web sites with better response. And the security vulnerabilities are being discovered and fixed. For me, the benefits far outweigh the risks. You can take a look at some AJAX examples by visiting the link at http://webdeveloper.econsultant.com/ajax-demos-examples-code-samples/.
Those are the basics of AJAX and the potential security risks.