AjaxLine

On the Technoblog, there's a new post that seeks to debunk misconceptions about some of the issues that have come up surrounding the use of cross-domain Ajax connections.

Quite a number of people have been discussing possible cross-domain Ajax security issues recently. These are smart people that generally know their technologies very well, but for some reason are missing some fundamental aspects about Ajax.

There are a few articles that he points to as misrepresenting some of the issues - things like resource theft, cross-site scripting, slowing down other people's sites, and session data issues.

He goes through each of these (and more), explaining how most of them could be avoided with a bit more thinking on the developer's side of things rather than blinding assuming connections/resources when creating applications. Also, be sure to check out the comments on the post - a back and forth between the post's author, Lucas Carlson, and Jason Mauer.