"Thorough and comprehensive coverage from one of the foremost experts in browser security."
—Tavis Ormandy, Google Inc.
Modern web applications are built on a tangle of technologies that have been developed over time and then haphazardly pieced together. Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape.
In The Tangled Web, Michal Zalewski, one of the world's top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they're fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You'll learn how to:
For quick reference, "Security Engineering Cheat Sheets" at the end of each chapter offer ready solutions to problems you're most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications that stand the test of time.
"synopsis" may belong to another edition of this title.
Michal Zalewski is an internationally recognized information security expert with a long track record of delivering cutting-edge research. He is credited with discovering hundreds of notable security vulnerabilities and frequently appears on lists of the most influential security experts. He is the author of Silence on the Wire (No Starch Press), Google's "Browser Security Handbook," and numerous important research papers.
"About this title" may belong to another edition of this title.
Seller: World of Books (was SecondSale), Montgomery, IL, U.S.A.
Condition: Good. Item in good condition. Textbooks may not include supplemental items i.e. CDs, access codes etc. Seller Inventory # 00095758308
Seller: Aspen Book Co., Denver, CO, U.S.A.
Condition: good. A well-loved companion. Corners and cover might show a little wear, and you could find some notes or highlights. The dust jacket might be MIA, it might have been a library book and extras aren't guaranteedâ"but the story's all there! Seller Inventory # PKV.1593273886.G
Seller: Evergreen Goodwill, Seattle, WA, U.S.A.
paperback. Condition: Good. Seller Inventory # mon0000076042
Seller: ThriftBooks-Atlanta, AUSTELL, GA, U.S.A.
Paperback. Condition: Good. No Jacket. Former library book; Pages can have notes/highlighting. Spine may show signs of wear. ~ ThriftBooks: Read More, Spend Less. Seller Inventory # G1593273886I3N10
Seller: ThriftBooks-Atlanta, AUSTELL, GA, U.S.A.
Paperback. Condition: Good. No Jacket. Pages can have notes/highlighting. Spine may show signs of wear. ~ ThriftBooks: Read More, Spend Less. Seller Inventory # G1593273886I3N00
Seller: HPB-Red, Dallas, TX, U.S.A.
Paperback. Condition: Good. Connecting readers with great books since 1972! Used textbooks may not include companion materials such as access codes, etc. May have some wear or writing/highlighting. We ship orders daily and Customer Service is our top priority! Seller Inventory # S_458235276
Seller: Goodwill of Silicon Valley, SAN JOSE, CA, U.S.A.
Condition: good. Supports Goodwill of Silicon Valley job training programs. The cover and pages are in Good condition! Any other included accessories are also in Good condition showing use. Use can include some highlighting and writing, page and cover creases as well as other types visible wear. Seller Inventory # GWSVV.1593273886.G
Seller: Half Price Books Inc., Dallas, TX, U.S.A.
Paperback. Condition: Very Good. Connecting readers with great books since 1972! Used books may not include companion materials, and may have some shelf wear or limited writing. We ship orders daily and Customer Service is our top priority! Seller Inventory # S_469868494
Seller: HPB-Diamond, Dallas, TX, U.S.A.
Paperback. Condition: Very Good. Connecting readers with great books since 1972! Used books may not include companion materials, and may have some shelf wear or limited writing. We ship orders daily and Customer Service is our top priority! Seller Inventory # S_469554862
Seller: Bookbot, Prague, Czech Republic
Softcover. Condition: Fair. Verschmutzung / Wasserschaden; Leichte Kratzer / Abnutzungen / Druckstellen. "Thorough and comprehensive coverage from one of the foremost experts in browser security." --Tavis Ormandy, Google Inc. Modern web applications are constructed from a complex mix of technologies, each contributing subtle security implications. Developers must adeptly navigate this landscape to ensure user safety. Michal Zalewski, a leading authority on browser security, provides an insightful narrative that clarifies how browsers operate and their inherent insecurities. Instead of offering simplistic advice on vulnerabilities, he delves into the entire browser security model, identifying weaknesses and supplying vital information for enhancing web application security. Key learning points include: executing complex tasks like URL parsing and HTML sanitization; utilizing modern security features such as Strict Transport Security, CSP, and CORS; applying various forms of the same-origin policy to compartmentalize web applications and safeguard user credentials against XSS bugs; creating mashups and embedding gadgets while navigating frame navigation policies; and managing user-supplied content without falling victim to content sniffing. Each chapter concludes with "Security Engineering Cheat Sheets" for quick reference, providing ready solutions to common challenges. With insights extending to anticipated HTML5 features, this resource equips developers to build secure web applications that endure. Seller Inventory # 8106bd12-3c59-453e-a7ff-204e23c62e9f
Quantity: 1 available