Considerations Prior to Supporting RIAs
Rich Internet applications (RIAs) are vulnerable to security threats. Before exposing your e-commerce application by deploying the routing service, you should consider and mitigate your exposure to security threats by
Enabling the commerce session token to mitigate cross-site request forgery (CSRF) attacks. See Mitigating Cross-Site Request Forgery (CSRF) Attacks
Configuring the anti-XSS component to mitigate cross-site scripting (XSS) attacks. See Mitigating Cross-Site Scripting (XSS) Attacks
Reducing the attack surface area of your RIA through channel configuration. See Reducing the Attack Surface Area
Implementing token replacement to protect user anonymity. See Protecting User Anonymity