Picture 1 of 14
Picture 1 of 14
The Tangled Web: A Guide to Securing Modern Web Applications, Zalewski, Michal,
US $24.99
ApproximatelyPHP 1,390.50
Condition:
Like New
A book in excellent condition. Cover is shiny and undamaged, and the dust jacket is included for hard covers. No missing or damaged pages, no creases or tears, and no underlining/highlighting of text or writing in the margins. May be very minimal identifying marks on the inside cover. Very minimal wear and tear.
Postage:
US $5.38 (approx PHP 299.35) USPS Media MailTM.
Located in: Orem, Utah, United States
Delivery:
Estimated between Fri, 27 Sep and Mon, 30 Sep to 43230
Returns:
No returns accepted.
Coverage:
Read item description or contact seller for details. See all detailsSee all details on coverage
(Not eligible for eBay purchase protection programmes)
Seller assumes all responsibility for this listing.
eBay item number:266400019580
Item specifics
- Condition
- Book Title
- The Tangled Web: A Guide to Securing Modern Web Applications
- ISBN
- 9781593273880
- Subject Area
- Computers
- Publication Name
- Tangled Web : a Guide to Securing Modern Web Applications
- Publisher
- No Starch Press, Incorporated
- Item Length
- 9.2 in
- Subject
- Internet / General, Networking / General, Security / General, Security / Networking, Networking / Network Protocols
- Publication Year
- 2011
- Type
- Textbook
- Format
- Trade Paperback
- Language
- English
- Item Height
- 0.8 in
- Features
- New Edition
- Item Weight
- 21.8 Oz
- Item Width
- 6.9 in
- Number of Pages
- 320 Pages
About this product
Product Identifiers
Publisher
No Starch Press, Incorporated
ISBN-10
1593273886
ISBN-13
9781593273880
eBay Product ID (ePID)
109201203
Product Key Features
Number of Pages
320 Pages
Language
English
Publication Name
Tangled Web : a Guide to Securing Modern Web Applications
Publication Year
2011
Subject
Internet / General, Networking / General, Security / General, Security / Networking, Networking / Network Protocols
Features
New Edition
Type
Textbook
Subject Area
Computers
Format
Trade Paperback
Dimensions
Item Height
0.8 in
Item Weight
21.8 Oz
Item Length
9.2 in
Item Width
6.9 in
Additional Product Features
Intended Audience
Trade
LCCN
2011-039636
Reviews
"A classic - arguably canon - as far as security training books go, and especially when it comes to web application security." --Britt Kemp, Bishop Fox Labs
Dewey Edition
23
TitleLeading
The
Illustrated
Yes
Dewey Decimal
005.8
Edition Description
New Edition
Table Of Content
Preface and Acknowledgments 1. Security in the World of Web Applications Part I: Anatomy of the Web 2. It Starts with A URL 3. Hypertext Transfer Protocol 4. Hypertext Markup Language 5. Cascading Style Sheets 6. Browser-Side Scripts 7. Non-HTML Document Types 8. Content Rendering with Browser Plug-Ins Part II: Browser Security Features 9. Content Isolation Logic 10. Origin Inheritance 11. Life Outside Same-Origin Rules 12. Other Security Boundaries 13. Content Recognition Mechanisms 14. Dealing with Rogue Scripts 15. Extrinsic Site Privileges Part III: A Glimpse of Things to Come 16. New and Upcoming Security Features 17. Other Browser Mechanisms of Note 18. Common Web Vulnerabilities Epilogue Notes Index
Synopsis
"Thorough and comprehensive coverage from one of the foremost experts in browser security." --Tavis Ormandy, Google Inc. Modern web applications are built on a tangle of technologies that have been developed over time and then haphazardly pieced together. Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape. In The Tangled Web, Michal Zalewski, one of the world's top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they're fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You'll learn how to: * Perform common but surprisingly complex tasks such as URL parsing and HTML sanitization * Use modern security features like Strict Transport Security, Content Security Policy, and Cross-Origin Resource Sharing * Leverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugs * Build mashups and embed gadgets without getting stung by the tricky frame navigation policy * Embed or host user-supplied content without running into the trap of content sniffing For quick reference, "Security Engineering Cheat Sheets" at the end of each chapter offer ready solutions to problems you're most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications that stand the test of time., Modern web applications are built on a tangle of technologies that have been developed over time and then haphazardly pieced together. Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape. In The Tangled Web, Michal Zalewski, one of the world s top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they re fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You ll learn how to: Perform common but surprisingly complex tasks such as URL parsing and HTML sanitization Use modern security features like Strict Transport Security, Content Security Policy, and Cross-Origin Resource Sharing Leverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugs Build mashups and embed gadgets without getting stung by the tricky frame navigation policy Embed or host user-supplied content without running into the trap of content sniffing For quick reference, 'Security Engineering Cheat Sheets' at the end of each chapter offer ready solutions to problems you re most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications that stand the test of time., Modern web applications are built on a tangle of technologies that have been developed over time and then haphazardly pieced together. Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape. In The Tangled Web , Michal Zalewski, one of the world's top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they're fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You'll learn how to: -Perform common but surprisingly complex tasks such as URL parsing and HTML sanitization -Use modern security features like Strict Transport Security, Content Security Policy, and Cross-Origin Resource Sharing -Leverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugs -Build mashups and embed gadgets without getting stung by the tricky frame navigation policy -Embed or host user-supplied content without running into the trap of content sniffing For quick reference, "Security Engineering Cheat Sheets" at the end of each chapter offer ready solutions to problems you're most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications that stand the test of time., "Thorough and comprehensive coverage from one of the foremost experts in browser security." --Tavis Ormandy, Google Inc. Modern web applications are built on a tangle of technologies that have been developed over time and then haphazardly pieced together. Every piece of the web application stack, from HTTP requests to browser-side scripts, ......
LC Classification Number
TK5105.59.Z354 2011
Item description from the seller
Seller feedback (2,252)
- 8***i (175)- Feedback left by buyer.Past monthVerified purchaseFast shipping and great quality
- r***9 (23)- Feedback left by buyer.Past monthVerified purchaseWonderful narration by Ian Carmichael of a classic British mystery written by a master.
- u***u (580)- Feedback left by buyer.Past monthVerified purchaseShipped out fast, and received it early! Item as described! Thanks a lot! A+