Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:Where the heck did this hype come from? (Score 1) 82

by chefjoeardee (#17073112) Attached to: Experts Say Ajax Not Inherently Insecure
Gah. I hate to keep posting things repeatedly but my thinking is fragmented today :)

I don't think it's similar to a FORM at all, you can get the user to access other sites that they wouldn't normally access and get a parseable response from that site (as I mentioned above). I plan on testing this out some more with a friend of mine to see if I can grab their modems information remotely.

If you're using AJAX in a legitimate fashion (eg, requesting information from the original server) then yeah, it is as simple as a FORM request (maybe some session verification with PHP) but this manner I just outlined completely defeats that.

You can be replaced by this computer.

Working...