I have been using a lot of AJAX to submit forms such as register user, log in user form and so on.. Now, I want to know is it safe to use AJAX for such sensitive information such as userID and password forms ? What is the pro and cons of using AJAX when submitting form ? (security wise and so on).. Thank you again for any kind explanation and enlightenment..
Asked
Active
Viewed 2,225 times
0
-
Whatever option you choose, open the browser console, go to the "network" tab: everything is exposed. You can also inspect a password input and get the value behind the dots using the console. Google should help though: http://stackoverflow.com/questions/1582894/how-to-send-password-securely-over-http. – Sep 05 '15 at 08:50
2 Answers
3
PROS:
AJAX definitely has the advantage over the User Experience and Convenience. AJAX allows you to do checks with the server without refreshing the page. For example, it allows you to check if the username has already been used or not without resetting the form. However, since the users information is processed in Javascript first, Cross Site Scripting attacks can easily grab data from your script. However, even without AJAX your Cross Site Scripting can still be used.
CONS:
However, since AJAX is fetches data asynchronously, it usually renders the browser back button completely useless. Also, people who don't understand "web tech" sometimes turn Javascript off due to their own paranoia, thus AJAX can no longer run. I also heard that content rendered through AJAX are not usually visible to search engines, but I'm no SEO prof.
David Yue
- 713
- 7
- 24
0
It's the exact same as using a normal form there is 0 differences. The pro and cons are the same as a normal html form.
I think you can use SSL or TLS if you want better security but don't hold me to that :)
rm_
- 35
- 1
- 7