[FoRK] Why AJAX? ActiveX is turned off
Thu Oct 13 22:53:33 PDT 2005
Steve Norquist wrote:
> No...no, FOX must have covered it somehow.
> Innovation always has the power to disrupt business. Here's what to
> watch in the years ahead.
Collecting a few things
+ previously forked ajax security concerns
+ power to disrupt business
+ social networking
loose on the Fox owned community site 'myspace'.
Reported in (blog-language in) http://e-scribe.com/news/103 [*]
"The Ajaxy bits of Web 2.0 that bring us an increase in
client-side power also open up new vistas of malware"
Why? Well, from http://fast.info/myspace/
"If I can become their friend...if I can become their hero...
then why can't their friends become my friend...my hero. I can
propagate the program to their profile, can't I. If someone
views my profile and gets this program added to their profile,
that means anyone who views THEIR profile also adds me as a
friend and hero, and then anyone who hits THOSE people's
profiles add me as a friend and hero..."
And the Ajack http://namb.la/popular/tech.html :
"So, we use XML-HTTP in order for the actual client to make
HTTP GETs and POSTs to pages. However, myspace strips out the
word "onreadystatechange" which is necessary for XML-HTTP requests.
Again, we can use an eval to evade this. Another plus to XML-HTTP
is that the necessary cookies required to perform actions on myspace
are passed along without any hassle.
Example: eval('xmlhttp.onread' + 'ystatechange = callback');"
[*] Web 2.0 = Web 1.0 + Ajax
= browser + Ajax
= Web 1.0
So we may not be getting anywhere, but at least the version
numbers are going up.
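Added example, not part of the original post and not MySpace's actual filter: a keyword-stripping blocklist like the one the namb.la quote describes, run against the literal token and against the split string quoted above, next to output encoding of the whole field. The function names are hypothetical and the inputs are constructed from the quoted text.

```javascript
// Added illustration. stripBlockedWords and escapeHtml are hypothetical names.

// Blocklist approach: delete a forbidden token wherever it appears literally.
function stripBlockedWords(input, blocked = ['onreadystatechange']) {
  return blocked.reduce((out, word) => out.split(word).join(''), input);
}

// Alternative: treat the whole field as text and encode it on output,
// so nothing the user typed is ever parsed as markup or script.
function escapeHtml(input) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return input.replace(/[&<>"']/g, (ch) => map[ch]);
}

// Constructed inputs: the literal form, and the split form quoted in the post.
const literal = 'xmlhttp.onreadystatechange = callback';
const split = "eval('xmlhttp.onread' + 'ystatechange = callback');";

function report() {
  // What the script engine would assemble at run time from the two pieces.
  const assembled = 'xmlhttp.onread' + 'ystatechange = callback';
  return {
    // The filter sees the token in the literal form and removes it.
    literalAfterFilter: stripBlockedWords(literal),
    // The split form never contains the token as source text, so it passes unchanged.
    splitPassesUnchanged: stripBlockedWords(split) === split,
    // Yet the assembled string does contain the token the filter was meant to stop.
    assembledContainsToken: assembled.includes('onreadystatechange'),
    // Encoding does not depend on recognising any particular word.
    encoded: escapeHtml(split),
  };
}

console.log(report());
```

The blocklist matches source text, while the token only exists after the script engine has joined the pieces, so filtering has to happen before user input can reach a script context at all.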