all InfoSec news
JavaScript Magic Tricks: Ajax hacking
DEV Community dev.to
When communicating between the front-end and back-end, Ajax (Asynchronous Javascript And XML) is commonly used. In this article, a technique is demonstrated: intercepting and modifying data sent and received through Ajax.
Technical Principle
During Ajax communication, the open and send methods are used to send data, and the data return is obtained through the onreadystatechange event. To intercept bi-directional Ajax data, it is necessary to take over these methods.
Example code:
<script>
(function(){
//接管open、send方法
var open = XMLHttpRequest.prototype.open;
var send …
article asynchronous back communication data end front-end hacking javascript magic programming return security send technical webdev xml