Tools such as WebScarab can greatly aid the developer in analyzing the raw data being sent between the client and server for anything that shouldn't be exposed.
Figure 6-4 A backdoor method
166 Hacking Exposed Web 2.0
Exposure Wrap-Up
These exposures are an AJAX issue, because in a Web 1.0 application there is a clear understanding
by the developer of what is sent to the client and what is not. However, an
AJAX migration often involves the use of automated scripts or default framework configurations
to determine what information should be exposed. When such a migration is
complete, developers may be surprised to find out that an entirely new set of information
is now being exposed to clients.
COOKIES
Use of cookies for session identification is another issue that, while not directly affected by the migration to AJAX, continues to be an important security component of web applications. Developers are often lulled into a false sense of security with cookies, as any session ID that "looks random" is assumed to be secure, but this is almost always not the case. The following is a brief analysis of three different ways in which session identification cookies are generated.
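The "looks random" trap can be made concrete. The following Python is an added example, not code from the book or from any framework it discusses. It constructs a hypothetical weak scheme (the MD5 digest of a timestamp and a counter) beside a CSPRNG-backed one, and contrasts two measurements: the per-character Shannon entropy that a casual "looks random" inspection amounts to, and the size of the input space an attacker would actually have to cover. Both the weak generator and the window sizes (one hour of timestamps, up to 1000 sessions per second) are assumptions chosen for illustration.

```python
import hashlib
import math
import secrets
import time
from collections import Counter
from typing import List, Optional


class WeakSessionIds:
    """Constructed example of a session-ID scheme that only looks random.

    Each ID is the MD5 hex digest of the current second and a per-process
    counter. The output passes casual inspection, but the input space is
    tiny and every input is guessable from information the server leaks
    anyway (clock and rough session volume).
    """

    def __init__(self, start_counter: int = 0) -> None:
        self.counter = start_counter

    def next_id(self, now: Optional[int] = None) -> str:
        # `now` is injectable so the behaviour is reproducible in tests.
        now = int(time.time()) if now is None else now
        self.counter += 1
        raw = f"{now}:{self.counter}".encode()
        return hashlib.md5(raw).hexdigest()


def strong_session_id(nbytes: int = 32) -> str:
    """Session ID drawn from the OS CSPRNG: 32 bytes = 256 bits of entropy."""
    return secrets.token_urlsafe(nbytes)


def per_char_entropy_bits(ids: List[str]) -> float:
    """Shannon entropy per character over a sample of IDs.

    This is what a "looks random" judgement measures: the symbol
    distribution. It says nothing about whether the inputs were guessable.
    """
    counts = Counter("".join(ids))
    total = sum(counts.values())
    return -sum(c / total * math.log2(c / total) for c in counts.values())


def weak_search_space_bits(seconds_window: int, max_counter: int) -> float:
    """Effective entropy of the weak scheme: log2 of the number of distinct
    (timestamp, counter) inputs a reviewer must assume are possible."""
    return math.log2(seconds_window * max_counter)


def strong_search_space_bits(nbytes: int = 32) -> int:
    """Effective entropy of the CSPRNG scheme: every byte is unpredictable."""
    return 8 * nbytes


if __name__ == "__main__":
    weak = WeakSessionIds()
    # Constructed sample: ten sessions per second starting at a fixed epoch.
    weak_ids = [weak.next_id(now=1_700_000_000 + i // 10) for i in range(500)]
    strong_ids = [strong_session_id() for _ in range(500)]

    print(f"weak   per-char entropy: {per_char_entropy_bits(weak_ids):.2f} bits "
          f"(max 4.0 for hex)")
    print(f"strong per-char entropy: {per_char_entropy_bits(strong_ids):.2f} bits "
          f"(max 6.0 for base64url)")
    # Assumed attacker window: one hour of timestamps, up to 1000 sessions/s.
    print(f"weak   search space: {weak_search_space_bits(3600, 1000):.1f} bits")
    print(f"strong search space: {strong_search_space_bits()} bits")
```

Both generators score close to the maximum per-character entropy for their alphabet, which is exactly why eyeballing a cookie value is not a test. The weak scheme's real strength is the roughly 22 bits of its input space, while the CSPRNG-backed one has 256; the review question to ask of any session-ID generator is therefore "what are the inputs and who can guess them", not "does the output look random".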