For example, when an AJAX framework is used to add AJAX functionality to a
traditional application, URLs that existed in the application's source tree but were never
exposed to clients may be added automatically by the framework. To expand this
example, consider a hidden administrative portion of an application running at
www.example.com/app/admin. This URL was never linked or advertised to clients, but when
a developer ran the application source through an AJAX framework to add AJAX
functionality, the framework automatically generated JavaScript describing every method
it found, including those in the administrative portion of the application. Now whenever a
client is sent the JavaScript describing the methods exposed on the server, that list includes
the methods found in the administrative portion of the site. An attacker who simply reads
the JavaScript learns the previously hidden administrative URL, connects to it, and performs
administrative functions. Note that the URL was only ever protected by obscurity; the
framework did not create the weakness, it merely published a path that no server-side
access control was guarding.
Chapter 6: AJAX Types, Discovery, and Parameter Manipulation 165
Unintended Exposure Countermeasure
Countermeasures for unintended exposure are straightforward, although, unfortunately
for developers, no automated process is available to perform them. Once a migration to
AJAX functionality is complete, developers should analyze the application to ensure
that no previously hidden information is exposed: review the JavaScript the framework
generates and sends to clients, enumerate every server method and URL it describes, and
confirm that each one is meant to be reachable by clients. Any method that is not should be
removed from the generated code and, in every case, guarded by server-side authorization
rather than by the obscurity of its URL.
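The following script is an added example, not code from the book or from any particular AJAX framework. It shows both sides of the point above: the enumeration an attacker performs on the generated JavaScript stub, and the review step developers should run before shipping it. The stub format (a `Proxy.<method> = function (...) { rpc.call("<url>", ...) }` pattern), the sample stub contents, the allowlist of intended public URLs and the `/app/admin` hidden prefix are all constructed assumptions for the illustration; a real framework's generated code will need its own extraction regex.

```python
import re

# Constructed sample of a JavaScript proxy stub of the kind an AJAX framework
# generates from the application source and sends to every client.
# Hypothetical format; not any specific framework's output.
GENERATED_STUB = """
var Proxy = {};
Proxy.listProducts = function (cb) { rpc.call("/app/products/list", cb); };
Proxy.getProduct   = function (id, cb) { rpc.call("/app/products/get", cb, id); };
Proxy.listUsers    = function (cb) { rpc.call("/app/admin/users/list", cb); };
Proxy.deleteUser   = function (id, cb) { rpc.call("/app/admin/users/delete", cb, id); };
Proxy.resetDb      = function (cb) { rpc.call("/app/admin/db/reset", cb); };
"""

# Assumed allowlist: the only URLs the developers intend clients to reach.
INTENDED_PUBLIC = {
    "/app/products/list",
    "/app/products/get",
}

# Assumed prefixes that must never appear in anything sent to a client.
HIDDEN_PREFIXES = ("/app/admin",)

# Matches "Proxy.<name> = function ... rpc.call("<url>"" within one statement.
STUB_RE = re.compile(r'Proxy\.(\w+)\s*=\s*function[^;]*?rpc\.call\("([^"]+)"')


def extract_methods(stub_js):
    """Return {method_name: url} for every proxy method in the generated stub.

    This is exactly the enumeration an attacker performs: no authentication,
    no guessing, just reading the JavaScript the server hands out.
    """
    return {m.group(1): m.group(2) for m in STUB_RE.finditer(stub_js)}


def find_unintended_exposure(stub_js, intended=INTENDED_PUBLIC, hidden=HIDDEN_PREFIXES):
    """Return sorted (method, url, reason) tuples for every exposed method that
    is under a hidden prefix or missing from the allowlist.

    An empty list means the generated stub exposes only intended endpoints.
    """
    findings = []
    for name, url in extract_methods(stub_js).items():
        if url.startswith(hidden):
            findings.append((name, url, "hidden prefix"))
        elif url not in intended:
            findings.append((name, url, "not in allowlist"))
    return sorted(findings)


if __name__ == "__main__":
    print("Methods a client (or attacker) can enumerate from the stub:")
    for name, url in extract_methods(GENERATED_STUB).items():
        print(f"  {name:14s} -> {url}")
    print("\nUnintended exposure:")
    for name, url, reason in find_unintended_exposure(GENERATED_STUB):
        print(f"  {name:14s} -> {url}  ({reason})")
```

Running it lists all five methods and flags `listUsers`, `deleteUser` and `resetDb` as exposing the hidden administrative path. The script automates only the enumeration; deciding whether each flagged method belongs in the public surface, and adding the server-side authorization check that every one of them needs regardless, remains a manual review step, which is the sense in which the book says no automated process exists.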