Secure AJAX Server Scripts
View Single Post
12-07-2007, 01:14 AM
Join Date: Nov 2007
I was browsing the web today, and I
an interesting article on securing AJAX apps. Based on that reading, I came up with this idea:
- Append my user session table with an authentication key field
- Each time the app sends a request, it includes the key, and the server checks the auth key against the one in the DB.
- If they match, it performs the action, generates a new random auth key, and returns it as part of a json object to the page.
- The page now has a new auth key to pass for the next call.
What do you think?
View Public Profile
Send a private message to trmbne2000
Find More Posts by trmbne2000