ApacheCon US 2008 Session

(In)secure Ajax and Web 2.0 Web Sites

Web 2.0 took the internet world by storm. Especially attackers welcome the new possibilities created by Ajax, the increased use of JavaScript, opening up applications via web services, and user generated content. This session shows common pitfalls with modern "Web 2.0" applications and help you to avoid becoming the next victim on the ever-growing list. Web security has not changed that much, but web applications have. Ajax introduced new and dangerous attacks, and it is vital to know appropriate countermeasures. Come to this (technology-agnostic) session to learn best practices for state-of-the-art websites.