http://relib.com/blogs/bazile/category/51.aspxБезопасностьВасилий Петрухинru-RU.Text Version 0.95.2004.102Василий Петрухинhttp://relib.com/blogs/bazile/archive/2006/10/17/top10_web2_attack_vectors.aspxTue, 17 Oct 2006 12:39:00 GMThttp://relib.com/blogs/bazile/archive/2006/10/17/top10_web2_attack_vectors.aspxhttp://relib.com/blogs/bazile/comments/6823.aspxhttp://relib.com/blogs/bazile/archive/2006/10/17/top10_web2_attack_vectors.aspx#Feedback0http://relib.com/blogs/bazile/comments/commentRss/6823.aspxhttp://relib.com/blogs/bazile/services/trackbacks/6823.aspx<P>Советую прочитать статью <A href="http://www.net-security.org/article.php?id=949">Top 10 Web 2.0 Attack Vectors</A>. Как обычно новые технологии одновременно открывают новые возможности для "плохих парней". Вот они:</P> <OL> <LI>Cross-site scripting in AJAX <LI>XML/XML schema poisoning <LI>Malicious AJAX code execution <LI>RSS / Atom injection <LI>WSDL scanning and enumeration <LI>Client side validation in AJAX routines <LI>Web services routing issues (WS-Routing) <LI>Parameter manipulation with SOAP <LI>XPATH injection in SOAP message <LI>RIA thick client binary manipulation</LI></OL><img src ="http://relib.com/blogs/bazile/aggbug/6823.aspx" width = "1" height = "1" />