1. When Ajax Attacks! Web application security fundamentals
Simon Willison, @media Ajax 2008
2. I'm here to scare you: XSS, PDF, CSRF, XBL, UTF-7, HTC,
crossdomain.xml, JSON and JSONP
3. A few years ago... Web application security tutorials tended
to boil down to three things: Don't trust input from users. Avoid SQL
injection attacks. Don't let people inject JS into your pages.
4. A few years ago... Web application security tutorials tended
to boil down to three things: Don't trust input from users. Boring!
Avoid SQL injection attacks. Don't let people inject JS into your
pages.