Is it safe to download HTML and js via ajax?

Question

Is it safe to download HTML and js via ajax?

I am using the jQuery $('#result').load('test.php'); load function $('#result').load('test.php'); to load the page to another page by clicking the tab. The page I am loading contains javascript, php and contains a form. Using the firebug console, I saw that for all my script sources on the page that I am loading, there is GET . Not sure if this should be a problem ..

Is it possible to hack data through jquery loading? Are there any questions to consider?

note: I know that older browsers do not work with javascript, but is there anything else to consider?

+4

javascript ajax

Cyberjunkie Jun 2 '11 at 0:41

source share

3 answers

As long as your site is not at risk, XHR is no more dangerous for your own data than any other request.

+3

alex Jun 2 '11 at 0:43

source share

It really depends on how well you trust the source of the scripts. If you control them, then there is no (additional) problem. If you get them from another place (for example, jQuery from Google CDN, for example), you trust this source.

+1

Andrew Cooper Jun 2 '11 at 0:46

source share

SLaks · Accepted Answer · 2011-06-02T00:43:23+0000

Downloading content using AJAX does not lead to additional security issues.

An attacker can grab the connection and enter his Javascript (if you are not using HTTPS), but he can also do this on the page itself.

An attacker can use the XSS hole for your own Javascript, but he can also do this on the page itself.

Is it safe to download HTML and js via ajax?

More articles: