[Esapi-user] The AJAX issue

Jim Manico jim.manico at owasp.org
Tue Jun 28 08:38:29 EDT 2011

Output Encoding and using safe workflow/functions in JS.


Jim Manico

On Jun 28, 2011, at 7:30 AM, Normando Macaraeg <nmacaraeg at jaspersoft.com> wrote:

> Hi,
> I don't understand how AJAX complicates input validation/output encoding.
> In the ESAPI book, it says "Ajax and other “rich” applications are complicating this situation."
> The way I see it, even though it's AJAX, it still hits the server as a request, and all requests can be validated.  So where's the complication?
> --norm--
> _______________________________________________
> Esapi-user mailing list
> Esapi-user at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/esapi-user

More information about the Esapi-user mailing list