Forum Systems has issued an alert for AJAX-related security threats and performance issues. AJAX transforms a user’s Web browser into a Web services portal, thus exposing it to potentially corrupted data that can cause the browser to crash or perform poorly; malformed messages can disrupt server performance due to excessive parsing and exception handling.
By enabling the creation of interactive and highly responsive Web pages that are interoperable with Web Services, Ajax also dramatically increases the amount of XML, text or HTML network traffic being transmitted. The use of XML as the content type for requests and response payloads means that applications will be exposed to new security vulnerabilities and application performance degradation. Forum Systems recommends that organizations implement server-side content filtering, Web Services Security and XML Acceleration to ensure scalable and secure Ajax applications.
While these threat possibilities are being expressed by experts at Forum Systems, one wonders if the real threat to AJAX applications comes from lack of standards, frameworks and most importantly developers jumping the gun and messing up the code for AJAX applications.