Garo Garabedyan's Divergent Thinking Blog

JSON vulnerabilities


Visit these links to find interesting material about unauthorized viewing of the Gmail contact list through JSON and JavaScript. It is important to take note of this vulnerability so as not to make the same mistake.

Private Blog of Jeremiah Grossman
Ajaxian Archived post

In my opinion, the best technique for protecting JSON data is to add “while(1);” at the beginning of the file (or JSON response), as Gmail now does. This tries to prevent anyone from finding out whether data was sent at all and, of course, prevents people from accessing the content. To provide security, you must not let hackers see your data, or even whether you are responding to something.
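
The prefix scheme described above, sketched as an added example (not code from the original post or from Gmail). The names `PREFIX`, `guardJson`, `parseGuardedJson` and `compilesAsScript` and the sample contact are assumptions made for illustration.

```javascript
// Added example; all names here are hypothetical, the data is constructed.
const PREFIX = "while(1);";

// Server side: serialize the data and prepend the loop prefix.
function guardJson(value) {
  return PREFIX + JSON.stringify(value);
}

// Client side: same-origin code that can read the raw response text
// requires the prefix, strips it, and parses strictly with JSON.parse
// (never eval). A response without the prefix is rejected, so a server
// that forgot to add it is noticed instead of silently accepted.
function parseGuardedJson(text) {
  if (typeof text !== "string" || !text.startsWith(PREFIX)) {
    throw new Error("response is missing the expected prefix");
  }
  return JSON.parse(text.slice(PREFIX.length));
}

// A page that pulls the URL in as a script cannot read the text; the
// browser just runs it. The body is still syntactically valid JavaScript,
// but its first statement loops forever, so the array after it is never
// evaluated. The function is only compiled here, never called.
function compilesAsScript(text) {
  try {
    new Function(text);
    return true;
  } catch (e) {
    return false;
  }
}

// Constructed sample: a contact list returned as a top-level JSON array.
const contacts = [{ name: "Alice Example", email: "alice@example.test" }];
const body = guardJson(contacts);

console.log(body);                   // while(1);[{"name":"Alice Example",...}]
console.log(compilesAsScript(body)); // valid script, but it would never finish
console.log(parseGuardedJson(body)); // the original contact list
```

The prefix only changes what happens when the response is executed as a script; the endpoint still needs its normal session and authorization checks.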


Written by garabedyan

May 2, 2007 at 07:26


One Response


  1. […] mechanism between browser and server you are vulnerable by one new attack (explained here: […]
