Is it safe to use ajax for login?

Am about to include a log in system to my web Site but i don’t think it’s a good idea for security to use ajax to send a and receive confirmation from an external php script called login.php and log-out the same way with another logout.php any recommendation ……………………

via PHP Website Development » Search Results » ajax:

Is it safe to use ajax for login?

Am about to include a log in system to my web Site but i don’t think it’s a good idea for security to use ajax to send a and receive confirmation from an external php script called login.php and log-out the same way with another logout.php any recommendation
……………………………………….

I can’t think of any security implications on using Ajax to handle login and logout. It doesn’t matter what you send back and forth (as long as you don’t send plain text passwords from server to client) between the ajax and sever side layer, because the session will be the one which will hold the authorization state.
However, you would still have to refresh the page, or redirect to show the appropriate content to the just authorized user. So, I don’t think Ajax is going to be effective at this particular situation.
……………………………………….

Security
AJAX is a as safe as a plain old form + refresh page. In the end it’s always an HTTP request. Why do you think that ?
However, from a usability point, make sure that people that disable javascript can still log into your app.
Be sure to use POST method to send your AJAX request, as GET requests, and their params (such as, let’s say, plain-text password) might end in your web server logs, unles you are using HTTPS.
Usability
As Gr

For more info: Is it safe to use ajax for login?

PHP Website Development » Search Results » ajax

Is it safe to use ajax for login?

Share this post:

Related Posts

Leave a Comment