A01=Michal Zalewski
Age Group_Uncategorized
Age Group_Uncategorized
Author_Michal Zalewski
automatic-update
bugs
business
Category1=Non-Fiction
Category=UR
Category=UTN
cloud computing
computer
computer books
computer networking
computer networks
computer science
computer security
computers
computing
COP=United States
crime
cryptography
cyber
cyber security
cyber security books
cybersecurity
dark web
data
Delivery_Delivery within 10-20 working days
devops
engineering
eq_bestseller
eq_computing
eq_isMigrated=2
eq_nobargain
eq_non-fiction
espionage
finance
forensics
hackers
hacking
hacking books
internet
Language_English
law
legal
linux
logic games
mba
network
network security
networking
PA=In stock
penetration test
penetration testing
Price_€50 to €100
privacy
programming
PS=Active
script
security
softlaunch
spy
surveillance
tech
technology
work
Product details
- ISBN 9781593273880
- Dimensions: 178 x 234mm
- Publication Date: 15 Nov 2011
- Publisher: No Starch Press,US
- Publication City/Country: US
- Product Form: Paperback
- Language: English
Secure
checkout
Fast Shipping
Easy returns
Modern web applications are built on a tangle of technologies that have been developed over time and then haphazardly pieced together. Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape. In The Tangled Web, Michal Zalewski, one of the world s top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they re fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You ll learn how to: Perform common but surprisingly complex tasks such as URL parsing and HTML sanitization Use modern security features like Strict Transport Security, Content Security Policy, and Cross-Origin Resource Sharing Leverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugs Build mashups and embed gadgets without getting stung by the tricky frame navigation policy Embed or host user-supplied content without running into the trap of content sniffing For quick reference, 'Security Engineering Cheat Sheets' at the end of each chapter offer ready solutions to problems you re most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications that stand the test of time.
Michal Zalewski is an internationally recognized information security expert with a long track record of delivering cutting-edge research. He is credited with discovering hundreds of notable security vulnerabilities and frequently appears on lists of the most influential security experts. He is the author of Silence on the Wire (No Starch Press), Google's "Browser Security Handbook," and numerous important research papers.
