AJAX Security

I am quite clearly on an online presentation binge today. Next up is Douglas Crockford on AJAX security issues. JavaScript is a powerful language whose dynamism has enabled a new level of development productivity through the pattern we refer to as "mashups", or composing applications from an array of complex components created by "independent foundries". Expect to hear more about application composition in the future from this blog. However, the power of these dynamic features has come at a price. Consider this key line: "A mashup is a self-inflicted XSS attack." Clearly, we need a fresh approach to browser security. Conveniently, Crockford has just such a proposal! Quelle surprise.

Relatedly, I recently read Douglas Crockford's book, JavaScript: The Good Parts. It is such a great book about such a great little language, with simple introductions to advanced dynamic language concepts such as currying and memoizing.