We constantly think about security in our applications.
Our preferred way to get data from the back is to use jQuery AJAX functions to directly access .aspx pages with page methods on them (without using a script writer), as described here by Dave Ward ...
http://encosia.com/2008/05/29/using-jquery-to-directly-call-aspnet-ajax-page-methods/
So my question is: how safe is this?
I read a little about XSS and the same source policies, etc. Are they all automatically processed by ASP.NET or do we need to explicitly do something to make our applications secure?
Thanks Jon
source
share