Parameter
- 320 Seiten
- 12 Lesestunden
Mehr zum Buch
"Thorough and comprehensive coverage from one of the foremost experts in browser security." --Tavis Ormandy, Google Inc. Modern web applications are constructed from a complex mix of technologies, each contributing subtle security implications. Developers must adeptly navigate this landscape to ensure user safety. Michal Zalewski, a leading authority on browser security, provides an insightful narrative that clarifies how browsers operate and their inherent insecurities. Instead of offering simplistic advice on vulnerabilities, he delves into the entire browser security model, identifying weaknesses and supplying vital information for enhancing web application security. Key learning points include: executing complex tasks like URL parsing and HTML sanitization; utilizing modern security features such as Strict Transport Security, CSP, and CORS; applying various forms of the same-origin policy to compartmentalize web applications and safeguard user credentials against XSS bugs; creating mashups and embedding gadgets while navigating frame navigation policies; and managing user-supplied content without falling victim to content sniffing. Each chapter concludes with "Security Engineering Cheat Sheets" for quick reference, providing ready solutions to common challenges. With insights extending to anticipated HTML5 features, this resource equips developers to build secure web applications that endure.
Buchkauf
The Tangled Web, Michal Zalewski
- Sprache
- Erscheinungsdatum
- 2011
- product-detail.submit-box.info.binding
- (Paperback),
- Buchzustand
- Beschädigt
- Preis
- 7,44 €inkl. MwSt.
Keiner hat bisher bewertet.
- Titel
- The Tangled Web
- Untertitel
- A Guide to Securing Modern Web Applications
- Sprache
- Englisch
- Autor*innen
- Michal Zalewski
- Verlag
- No Starch Press
- Erscheinungsdatum
- 2011
- Einband
- Paperback
- Seitenzahl
- 320
- ISBN10
- 1593273886
- ISBN13
- 9781593273880
- Reihe
- Schlagwörter
- Sachbücher, Handel, Technologie & Industrie, Rechtsthematik, Handbücher und Anleitungen, Computer & Internet, Technologie, Finanzen, Spionage, Kriminalistik, Beschäftigung, Maschinenbau, Internet, Überwachung, Hacker, Linux, Käfer, Computernetzwerke, Privatsphäre, Hacking, Darkweb
- Beschreibung
- "Thorough and comprehensive coverage from one of the foremost experts in browser security." --Tavis Ormandy, Google Inc. Modern web applications are constructed from a complex mix of technologies, each contributing subtle security implications. Developers must adeptly navigate this landscape to ensure user safety. Michal Zalewski, a leading authority on browser security, provides an insightful narrative that clarifies how browsers operate and their inherent insecurities. Instead of offering simplistic advice on vulnerabilities, he delves into the entire browser security model, identifying weaknesses and supplying vital information for enhancing web application security. Key learning points include: executing complex tasks like URL parsing and HTML sanitization; utilizing modern security features such as Strict Transport Security, CSP, and CORS; applying various forms of the same-origin policy to compartmentalize web applications and safeguard user credentials against XSS bugs; creating mashups and embedding gadgets while navigating frame navigation policies; and managing user-supplied content without falling victim to content sniffing. Each chapter concludes with "Security Engineering Cheat Sheets" for quick reference, providing ready solutions to common challenges. With insights extending to anticipated HTML5 features, this resource equips developers to build secure web applications that endure.