Here is the
client request:
GET http://www.example.com/zipcode_lookup.jsp?city=seattle
Here is the server response:
{OK}["98101","98102"]
Upstream Traf?¬? c
The communication sent from the client to the server is referred to as upstream traffic. While
the downstream traffic formats result from calling a method on the server, upstream traffic
is concerned with what formats clients use to perform calls of methods on the server.
Several common types of upstream traffic are detailed in the following.
HTTP GET
The most simplistic of upstream options, HTTP GETs have been used by developers since
the beginning of web applications and are still often used in a number of AJAX applications.
They are commonly found when developers want to use an easy and extremely
lightweight way to change state on the server. While there is nothing technically different
about using an HTTP GET in an AJAX application, the fact that they can now occur in the
background without being displayed to the user can cause a significant security impact.
As is often the case of easy-to-use functionality, HTTP GETs can lead to serious security
issues such as cross-site request forgery and cross-site scripting.
Pages:
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290