Additionally, this set of JavaScript files is often sent
down to the user before authentication takes place, allowing any unauthenticated user
to learn about the application. This is a drastic change from the Web 1.0–style of
learning about the functionality of a web application. In the Web 1.0 style, method
discovery requires that a user manually walk through each section of the application to
learn about functionality. In the Web 2.0 style, full functionality is sent to the user. In and
of itself, this is not a security vulnerability. However, it is a profound shift in the way that
web applications interact with users. It greatly eases an attacker's job of performing
method discovery and learning about a target application compared with the Web 1.0–
style of having to walk through the entire application to learn its functionality.
In addition, the JavaScript files sent down in Web 2.0 may describe functionality that
the attacker would not normally have had access to in a Web 1.0–style application. For
example, the JavaScript not only describes methods that can be called from the attacker's
access role (such as a low-rights user), but also describes methods used by high-rights
users and administrators.
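
A build-time check for the exposure described above, as an added example that is not from the original text: it lists the remote method names a pre-login script reveals and flags those needing more rights than the audience that receives the file. The proxy format, the `rpc` helper, the service names and the role policy are all constructed for illustration.

```javascript
// Added example: build-time audit of a client script served before login.
// The proxy format, service names and role policy below are constructed.

// Constructed sample of a generated client-side proxy, as sent to every visitor.
const SAMPLE_BUNDLE = `
var AccountService = {
  getProfile: function (id, cb) { rpc("AccountService.getProfile", [id], cb); },
  updateEmail: function (id, email, cb) { rpc("AccountService.updateEmail", [id, email], cb); }
};
var AdminService = {
  deleteUser: function (id, cb) { rpc("AdminService.deleteUser", [id], cb); },
  // rpc("AdminService.legacyExport", [], cb);  commented-out call still ships
  setRole: function (id, role, cb) { rpc("AdminService.setRole", [id, role], cb); }
};
`;

// Hypothetical server-side policy: minimum role required per remote method.
const POLICY = {
  "AccountService.getProfile": "user",
  "AccountService.updateEmail": "user",
  "AdminService.deleteUser": "admin",
  "AdminService.setRole": "admin"
};
const RANK = { anonymous: 0, user: 1, admin: 2 };

// Collect every "Service.method" name the script reveals, comments included,
// because a reader of the file sees those too.
function exposedMethods(source) {
  const names = new Set();
  const re = /rpc\(\s*["']([A-Za-z_$][\w$]*\.[A-Za-z_$][\w$]*)["']/g;
  let m;
  while ((m = re.exec(source)) !== null) names.add(m[1]);
  return [...names].sort();
}

// Flag methods that need more rights than the audience receiving the file,
// and methods the policy does not know (no server-side rule recorded at all).
function auditBundle(source, audience, policy = POLICY) {
  const findings = [];
  for (const name of exposedMethods(source)) {
    const required = policy[name];
    if (required === undefined) findings.push({ name, issue: "no-policy-entry" });
    else if (RANK[required] > RANK[audience]) findings.push({ name, issue: `requires-${required}` });
  }
  return findings;
}

console.log(auditBundle(SAMPLE_BUNDLE, "user"));
```

A finding here is an inventory item rather than a vulnerability by itself; each flagged method still needs its authorization enforced on the server.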