The Resource The tangled Web : a guide to securing modern Web applications, by Michal Zalewski, (electronic resource)

Label
The tangled Web : a guide to securing modern Web applications
Title
The tangled Web
Title remainder
a guide to securing modern Web applications
Statement of responsibility
by Michal Zalewski
Creator
Contributor
Provider
Subject
Genre
Language
eng
Summary
"'Thorough and comprehensive coverage from one of the foremost experts in browser security.' --Tavis Ormandy, Google Inc. Modern web applications are built on a tangle of technologies that have been developed over time and then haphazardly pieced together. Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape. In The Tangled Web, Michal Zalewski, one of the world's top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they're fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You'll learn how to:
  • Perform common but surprisingly complex tasks such as URL parsing and HTML sanitization
  • Use modern security features like Strict Transport Security, CSP, and CORS
  • Leverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugs
  • Build mashups and embed gadgets without getting stung by the tricky frame navigation policy
  • Embed or host user-supplied content without running into the trap of content sniffing
For quick reference, 'Security Engineering Cheat Sheets' at the end of each chapter offer ready solutions to problems you're most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications to stand the test of time"--
Assigning source
Provided by publisher
Cataloging source
N$T
http://library.link/vocab/creatorName
Zalewski, Michal
Illustrations
illustrations
Index
index present
LC call number
TK5105.59
LC item number
.Z354 2012eb
Literary form
non fiction
Nature of contents
  • standards specifications
  • bibliography
http://library.link/vocab/relatedWorkOrContributorName
ebrary
http://library.link/vocab/subjectName
  • Computer networks
  • Browsers (Computer programs)
  • Computer security
  • COMPUTERS / Internet / Security
  • COMPUTERS / Security / Viruses
  • COMPUTERS / Networking / General
  • COMPUTERS / Networking / Network Protocols
  • COMPUTERS / Security / General
  • COMPUTERS / Security / Cryptography
  • COMPUTERS / Networking / Security
  • COMPUTERS / Web / Web Programming
  • COMPUTERS / Web / Browsers
  • Computer networks
  • Computer security
  • Computer networks / Security measures
  • Browsers (Computer programs)
  • Computer security
Label
The tangled Web : a guide to securing modern Web applications, by Michal Zalewski, (electronic resource)
Instantiates
Publication
Bibliography note
Includes bibliographical references (p. 267-282) and index
Color
multicolored
Contents
pt. 1. Anatomy of the web -- pt. 2. Browser security features -- pt. 3. A glimpse of things to come
Dimensions
unknown
Extent
1 online resource (xix, 299 p.)
Form of item
electronic
Isbn
9781593274177
Other physical details
ill.
Specific material designation
remote
Stock number
CL0500000131
System control number
  • (OCoLC)781636173
  • (OCoLC)ocn781636173

Library Locations

  • African Studies Library
    771 Commonwealth Avenue, 6th Floor, Boston, MA, 02215, US
    42.350723 -71.108227
  • Alumni Medical Library
    72 East Concord Street, Boston, MA, 02118, US
    42.336388 -71.072393
  • Astronomy Library
    725 Commonwealth Avenue, 6th Floor, Boston, MA, 02445, US
    42.350259 -71.105717
  • Fineman and Pappas Law Libraries
    765 Commonwealth Avenue, Boston, MA, 02215, US
    42.350979 -71.107023
  • Frederick S. Pardee Management Library
    595 Commonwealth Avenue, Boston, MA, 02215, US
    42.349626 -71.099547
  • Howard Gotlieb Archival Research Center
    771 Commonwealth Avenue, 5th Floor, Boston, MA, 02215, US
    42.350723 -71.108227
  • Mugar Memorial Library
    771 Commonwealth Avenue, Boston, MA, 02215, US
    42.350723 -71.108227
  • Music Library
    771 Commonwealth Avenue, 2nd Floor, Boston, MA, 02215, US
    42.350723 -71.108227
  • Pickering Educational Resources Library
    2 Silber Way, Boston, MA, 02215, US
    42.349804 -71.101425
  • School of Theology Library
    745 Commonwealth Avenue, 2nd Floor, Boston, MA, 02215, US
    42.350494 -71.107235
  • Science & Engineering Library
    38 Cummington Mall, Boston, MA, 02215, US
    42.348472 -71.102257
  • Stone Science Library
    675 Commonwealth Avenue, Boston, MA, 02445, US
    42.350103 -71.103784