Tangled Web: A Guide to Securing Modern Web Applications


Bibliographic Details
Main author: Zalewski, Michal
Format: Book
Language: eng
Subjects:
Online access: Full text
Description
Summary: The Tangled Web is destined to be the definitive guide to web application security. Rather than simply enumerate known vulnerabilities or lay down a series of commandments from on high, famed security expert Michal Zalewski takes an in-depth look at how browsers actually work, how to leverage their features, and what pitfalls lurk in the shadows. An outgrowth of Zalewski’s work on Google’s online Browser Security Handbook, The Tangled Web sheds light on the uniqueness of the security challenges that engineers, developers, and users face on the Web today. The book opens with a detailed examination of browser security mechanisms, the historical reasons behind their design, and their security consequences. Subsequent chapters discuss the security aspects of specific web technologies, including URLs, HTTP, HTML, JavaScript, the same-origin policy, and HTML5. Readers looking for quick answers will appreciate the cheat sheets in each chapter, which outline the most commonly encountered problems and how to tackle them. An appendix offers a glossary of well-known implementation vulnerabilities.