AJAX

JavaScript is one of the main components of AJAX, a collection of technologies that allows Web developers to improve the user interaction and response times for rendering Web content. AJAX allows Web content to behave more like traditional applications, but with increased complexity, which also increases the attack surface of a Web application.

Security concerns raised about AJAX include the following:


 * AJAX increases the number of points where a client interacts with the application.
 * AJAX may reveal details of internal functions within the Web application.
 * Some AJAX endpoints may not require authentication, relying instead on the current state of the application.

While AJAX is more of a perspective on the architecture of web applications that employ certain technologies, numerous AJAX frameworks also exist that provide developers with JavaScript functions to send requests and process them at the server. A framework usually includes an AJAX engine that is downloaded to the browser to render the user interface and communicate with the server. Selecting a suitable AJAX framework requires ensuring that the security requirements of the application can be satisfied through the architecture provided.