Chapter 12. Securing Rich Internet Applications
With Ajax, a Web page can make a request for just the information it wants, without the need for a full form submission or changing the entire page. With Silverlight, requests are sent from the Silverlight component (via the browser's networking function to the server), and responses are processed by the Silverlight application. Server processing is minimized because less data is sent, and there is no need to construct a new page every time.
As with all new technologies, writing an RIA comes at a price — it opens new possibilities for attacks and vulnerabilities.
In this chapter, you will learn about the following:
How Ajax works
How Silverlight interacts with the Web and the client computer
How to use Silverlight's cryptography functions
How to use ASP.NET's authentication and authorization with Ajax and Silverlight
How using Ajax and Silverlight can increase your attack surface
How using third-party data can expose your application to risk
The Ajax discussion in this chapter concentrates on the ASP.NET Ajax libraries and architecture. For the most part, the vulnerabilities are nothing new. Ajax ...