By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
You should not rely on distinguishing between real and unreal XMLHTTP (XHR) requests. Do not trust any requests regardless of their origin. The origin does not matter from a security point of view as long as the request does not contain malicious content. When requests need to be authorized, they authenticate themselves correctly with a strong authentication mechanism, that is all you can do.
Dig Deeper on Software Security Test Best Practices
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.