I'm using the Jquery load function $('#result').load('test.php');
to load a page into another page by clicking a tab. The page I'm loading contains javascript, php, and contains a form. Using the firebug console I saw that there is a GET
for all my script sources in the page I'm loading as well. Not sure if that should be a concern..
Can data be hacked via the jquery load? Are there any issues to consider?
note: I'm aware that old browsers don't work with javascript but is there anything else to consider?
Use caution and test a small area first on delicate surfaces such as fiberglass, imitation marble, plastics, and enameled appliances. Use plenty of water, rub gently and rinse well. Do not use on silver, fabrics, painted surfaces or plexiglass.
AJAX is not a programming language. AJAX just uses a combination of: A browser built-in XMLHttpRequest object (to request data from a web server) JavaScript and HTML DOM (to display or use the data)
Ajax is a web developer's best friend because it allows lazy loading to be done. Lazy loading is an optimization technique widely used to optimize online content. Ajax lets its users make asynchronous calls without having to reload the entire web page.
With interactive websites and modern web standards, Ajax is performed using functions within JavaScript frameworks and the Fetch API Standard.
So long as your site isn't compromised, a XHR to your own data is inherently no more dangerous than any other request.
Loading content using AJAX does not introduce any additional security issues.
An attacker can hijack the connection and inject his own Javascript (unless you're using HTTPS), but he can also do that to the page itself.
An attacker can exploit an XSS hole in your backend to run his own Javascript, but he can also do that to the page itself.
It really depends on how well you trust the source of the scripts. If you control them then there's no (additional) issue. If you're getting them from somewhere else (like jQuery from Google's CDN, for example) you're trusting that source.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With