伴随越来越多的网站步入Web2.0 时代,在使用Ajax 技术提供良好的用户体验的同时,一系列的安全问题也渐渐为人们所关注。本文就Web2.0 应用中的数据交换环节,提出具体建议,以降低网络攻击的风险。 关键词网络安全 跨站点伪造请求 Abstract Web 2.0 provides enhanced function with Asynchronous JavaScript and XML and is used by more and more websites, while a series of security problems became one of the latest hot topics on the Internet. The main purpose of this article is to introduce the process of Web 2.0’s data exchange and focus on network security, which provides some suggestion to reduce the risk of network attack. Keyword network security Cross-Site Request Forgery