

Premature Ajax-ulation - nreece
http://arstechnica.com/news.ars/post/20070802-security-experts-warn-developers-about-the-risks-of-premature-ajax-ulation.html

======
randallsquared
I must be using ajax wrong. :/ It's not clear to me how using ajax would
expose functions and variables not exposed by any other form, because you
still need a form; you're just building it with javascript. Right? When you
use ajax, you're just saving some page loads, not throwing away server-side
validation; it seems to me that you'd have to go out of your way to screw this
up after you have your original non-ajax site working.

