Full Disclosure mailing list archives

JavaScript exploits via source code disclosure

From: Ed Carp <erc () pobox com>
Date: Wed, 5 May 2010 22:44:07 -0700

We've got a lot of JQuery code that calls back-end web services, and
we're worried about exposing the web services to the outside world -
anyone can "view source" and see exactly how we're calling our web
services.

Are there any suggestions or guidelines regarding protecting one's
source from such disclosure?  Thanks in advance!

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

JavaScript exploits via source code disclosure Ed Carp (May 05)
- Re: JavaScript exploits via source code disclosure Marc Olive (May 06)
- Re: JavaScript exploits via source code disclosure Nick FitzGerald (May 06)
- <Possible follow-ups>
- Re: JavaScript exploits via source code disclosure Ed Carp (May 06)
  - Re: JavaScript exploits via source code disclosure Valdis . Kletnieks (May 06)
  - Re: JavaScript exploits via source code disclosure PsychoBilly (May 06)
    - Re: JavaScript exploits via source code disclosure Marsh Ray (May 06)
    - Re: JavaScript exploits via source code disclosure PsychoBilly (May 06)
    - Re: JavaScript exploits via source code disclosure Marsh Ray (May 06)
    - Re: JavaScript exploits via source code disclosure Christian Sciberras (May 06)
    - Re: JavaScript exploits via source code disclosure Nick FitzGerald (May 06)

(Thread continues...)