Register now or log in to join your professional community.
jQuery contains a lot of complex scripts. It may open some security holes in website. Which security issues do I need to concern during website development?
Whether a developer or person using jQuery or not, as long as you are in the field of software and web development, security is always a concern. It might cost a person several months to develop a full pledge application and only a matter of minutes for a hacker to exploit or discover vulnerabilities.
That's why it is always a good stand to...
1. Follow standard secure development practices
2. Consideration of security standard/publication like OWASP, SANS, etc...
3. Always keep yourself informed, CVE, ExploitDB etc.
No. JQuery is executed in the browser, an from a security point of view, the browser is always unreliable. No matter how much JavaScript you use or which JS frameworks, it's always under control of the attacker. Security has to implemented on the server side. It's a common mistake beginners make, to place security checks in the JavaScript part and let the server trust it.
Using Client side scripts whether it is Javascript or Jquery or Mootools or any other script, security is always a concern.