Skip to Main Content
Securing Ajax Applications
book

Securing Ajax Applications

by Christopher Wells
July 2007
Intermediate to advanced content levelIntermediate to advanced
256 pages
6h 19m
English
O'Reilly Media, Inc.
Content preview from Securing Ajax Applications

Browser Plug-ins, Extensions, and Add-ons

A plug-in is a piece of component application that extends the functionality of the host program. In the case of a web browser, plug-ins are available to add programmatic function, ActiveX controls, Java applets, Flash movies, and much more. Let's take a look at some of the more common of these technologies and the security issues that accompany them.

ActiveX

ActiveX controls are downloadable web components that run inside the Microsoft Internet Explorer web browser. ActiveX controls can be written in a variety of programming languages, including C, C++, C#, Visual Basic, and Java (J#), but are limited to the Windows operating system and Microsoft Internet Explorer.

In the 1990s, Microsoft had been working on Object Linking and Embedding (OLE) but OLE just didn't sound sexy enough, so Microsoft renamed the technology ActiveX.

Back then, Microsoft thought this new, active technology was sure to win over web developers. It allowed unprecedented access into the Windows operating system and helped push the notion of component development into reality. Unfortunately Microsoft was not thinking about security. It was trying to get everything and everyone talking to each other—using Windows.

ActiveX is similar to Java applets in that it is downloaded and executed within the browser. Users have to grant the controls explicit permission to run, but once granted, ActiveX controls have a rich set of APIs to work with within the Windows ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Ajax Security

Ajax Security

Billy Hoffman, Bryan Sullivan
Firefox Hacks

Firefox Hacks

Nigel McFarlane

Publisher Resources

ISBN: 9780596529314Errata Page