14Testing Ajax Applications
Myth: Ajax applications can be tested in the same way as traditional Web applications.
Throughout this book, we have referred to three main challenges for implementing secure Ajax applications. Ajax sites are more difficult to secure because they have increased complexity, increased attack surface, and increased transparency when compared to traditional Web applications. Of these three, the increased transparency is probably the most significant and most dangerous. When application logic is pushed to the client tier, as it is in Ajax sites, it becomes much easier for attackers to reverse engineer the application and probe it for weaknesses.
It is something of a paradox, then, that while Ajax applications are more transparent ...
Get Ajax Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.