The term Reverse AJAX is used when a server queries and/or controls the behavior of a client browser. This can raise questions, because it sounds as if our browsers are now vulnerable to attack while we visit the web pages of the world.
Luckily that is not the case, because a server cannot open a connection to a browser. The browser must always be the initiator of the connection. The question about security is still a valid one, but a problem would mean that the website in question was designed and implemented to cause harm.
DWR supports three different methods to do Reverse AJAX in applications: Piggyback, Polling (by the client), and Comet (server push).
In the piggyback method, a server that has an update for the client waits until the client opens a connection and requests some content from the server. When that happens, the server includes the new update with the response, and it is delivered to the client where DWR...
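A minimal model of the piggyback flow described above, added here as an illustration and not taken from DWR or the original page. `PiggybackServer`, `queueUpdate`, `handleRequest`, the session ids and the queue cap are all hypothetical names and assumptions.

```javascript
// Added illustration: a language-neutral model of piggyback delivery.
// None of these names are DWR APIs; they are hypothetical.
class PiggybackServer {
  constructor(maxPending = 100) {
    this.pending = new Map();     // sessionId -> updates waiting for that client
    this.maxPending = maxPending; // assumption: cap so an idle client cannot grow the queue forever
  }

  // Server-side event. There is no connection to push on, so the update only waits.
  queueUpdate(sessionId, update) {
    const queue = this.pending.get(sessionId) || [];
    queue.push(update);
    if (queue.length > this.maxPending) queue.shift(); // drop the oldest update
    this.pending.set(sessionId, queue);
  }

  // Client-initiated request. The ordinary response carries the waiting updates.
  // Assumption: sessionId comes from the server's own session state, not from a request parameter.
  handleRequest(sessionId, path) {
    const updates = this.pending.get(sessionId) || [];
    this.pending.delete(sessionId); // each update is delivered once
    return { body: `content of ${path}`, updates };
  }
}

// Constructed scenario: two browser sessions, updates queued for only one of them.
function demo() {
  const server = new PiggybackServer(2);
  for (const n of [1, 2, 3]) {
    server.queueUpdate("session-A", { op: "setText", id: "status", value: `${n} new` });
  }
  const otherClient = server.handleRequest("session-B", "/home"); // gets no updates
  const first = server.handleRequest("session-A", "/inbox");      // gets the queued updates
  const second = server.handleRequest("session-A", "/inbox");     // queue already drained
  return { otherClient, first, second };
}

console.log(JSON.stringify(demo(), null, 2));
```

Nothing reaches a browser until that browser makes its next request, so delivery latency in this model is bounded only by how often the client contacts the server.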