Sending login information via AJAX

views:

216

answers:

Sending login information via AJAX

Im using jQuery validate plugin and every form has multiple validation levels.

level is by validate plugin
level is:
- data is submitted to site
- I get a reply
  - if everything is ok -> JS redirects to url
  - if there is an error, it shows warnings

Now I wonder, is it safe to send login info via ajax? I know that with addons like firebug, I am also able to get all POST parameters with normal submit. But can somebody else interfere with ajax login request and steal precious data?

+1 A:

Are you issuing requests over HTTPS?

Rob 2009-03-02 23:54:23

+1 A:

is it safe to send login info via ajax

You do use HTTPS, do you? If you do it's as safe as form submit.

Vladimir Dyuzhev 2009-03-02 23:54:49

Thank you for suggestion, will add this feature right away...

FrEaKmAn 2009-03-02 23:57:58

Here "thank you" is expressed by clicking on "accept answer" or "arrow up" ;)

Vladimir Dyuzhev 2009-03-02 23:59:48

+1 A:

If you mean someone else on the network, then see the earlier comments about HTTPs.

If you mean "can someone inject something into a page and steal the data", the answer is yes. As you've observed, the user can install plugins which could do this; it's also possible that your page could be inadvertently be the target of injection via cross-site scripting or some other flaw.

jdigital 2009-03-03 00:05:47

ansaurus

tags:

views:

answers:

Sending login information via AJAX

related questions