Music. Coding. Gaming. Life.

AJAX not ready for prime time just yet

Posted Wednesday, November 23rd, 2005 6:33:00 am
I was playing around and got my first full page designed using ASP.Net 2.0 and AJAX.Net Professional. Then I had this thought go off in my head like an alarm siren. How am I going to stop hackers from sending Javascript requests through their browser to my server? The answer, unfortunately, is I'm not.

Security in AJAX is kind of crap. I still have to do all my validation on the server side if I want to make sure that the data I am getting is secure. I mean, it can be done, but it's such a hassle that I might as well do it server side anyway. ASP.Net is quick enough for it.

I may still do some implementations of AJAX to speed things up in areas where the user isn't posting data to the server. Perhaps when/if secuirty improves, and I'm not sure it can, I'll take another look at it.

Perhaps that is why it's been around for so long and just hasn't gotten used. You get one big company who takes the time and effort to go through it and do things the right way, and now everyone thinks they can do it. Although I for one won't be surprised if we ever hear about GMail getting hacked somehow.

Oh wait.


Loading... Media Player