问题
Like we know that javascript is insecure as it is a client side script. Does JQuery is also insecure? If yes, than why we are seeing blogs on "JQuery replaces AJAX" and if not,than how it is different from Javascript when it is a client side script?
回答1:
It's not different, it's just Javascript. The same 'weakness' in terms of security.
It's highly abstracted and offers lots of tools and helpful methods to make things easier for a programmer. It'll abstract away almost all browser differences, so you don't have to care about that (at least not for jQuery methods).
However, this does not change the original statement, it's just Javascript!
回答2:
jQuery is a library for JavaScript, so yes, if you consider JavaScript to be insecure, then jQuery is, as well. Also, jQuery makes AJAX easier, but it doesn't replace it.
回答3:
In the entire existance of jQuery there has only been one vulnerability:CVE-2007-2379. Most vulnerabilities affect server-side code, its rather amazing that even one was found. You should read the OWASP top 10.
来源:https://stackoverflow.com/questions/5269801/is-jquery-secure