Ahh, the PHP newsgroup. The last place I thought I would see a refrence to
a Defcon or Blackhat talk.
""Jay Blanchard"" <jblanchard@xxxxxxxxxx> wrote in message
news:56608562F6D5D948B22F5615E3F57E6902A6B606@xxxxxxxxxxxxxxxxxxxxxxxxxx
One of my developers saw the following article;
http://arstechnica.com/news.ars/post/20070802-security-experts-warn-deve
lopers-about-the-risks-of-premature-ajax-ulation.html
How are you securing Ajax? I know that for the most part we send data to
a PHP script for processing, so all of the normal rules for sending that
data apply (mysql_real_escape_string(), etc.)
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
