Picture 1 of 14
The Tangled Web: A Guide to Securing Modern Web Applications, Zalewski, Michal,
Condition:
Postage:
Located in: Orem, Utah, United States
Delivery:
Estimated between Wed, 26 Jun and Sat, 29 Jun to 43230
Returns:
Payments:
Shop with confidence
Seller information
Registered as private seller, so consumer rights stemming from EU consumer protection law do not apply. eBay Money Back Guarantee still applies to most purchases.
Seller assumes all responsibility for this listing.
eBay item number:266400019580
Item specifics
- Condition
- Book Title
- The Tangled Web: A Guide to Securing Modern Web Applications
- ISBN
- 9781593273880
- Subject Area
- Computers
- Publication Name
- Tangled Web : a Guide to Securing Modern Web Applications
- Publisher
- No Starch Press, Incorporated
- Item Length
- 9.2 in
- Subject
- Internet / General, Networking / General, Security / General, Security / Networking, Networking / Network Protocols
- Publication Year
- 2011
- Type
- Textbook
- Format
- Trade Paperback
- Language
- English
- Item Height
- 0.8 in
- Features
- New Edition
- Item Weight
- 21.8 Oz
- Item Width
- 6.9 in
- Number of Pages
- 320 Pages
About this product
Product Identifiers
Publisher
No Starch Press, Incorporated
ISBN-10
1593273886
ISBN-13
9781593273880
eBay Product ID (ePID)
109201203
Product Key Features
Number of Pages
320 Pages
Language
English
Publication Name
Tangled Web : a Guide to Securing Modern Web Applications
Publication Year
2011
Subject
Internet / General, Networking / General, Security / General, Security / Networking, Networking / Network Protocols
Features
New Edition
Type
Textbook
Subject Area
Computers
Format
Trade Paperback
Dimensions
Item Height
0.8 in
Item Weight
21.8 Oz
Item Length
9.2 in
Item Width
6.9 in
Additional Product Features
Intended Audience
Trade
LCCN
2011-039636
Reviews
"A classic - arguably canon - as far as security training books go, and especially when it comes to web application security." --Britt Kemp, Bishop Fox Labs
Dewey Edition
23
Illustrated
Yes
Dewey Decimal
005.8
Edition Description
New Edition
Table Of Content
Preface and Acknowledgments 1. Security in the World of Web Applications Part I: Anatomy of the Web 2. It Starts with A URL 3. Hypertext Transfer Protocol 4. Hypertext Markup Language 5. Cascading Style Sheets 6. Browser-Side Scripts 7. Non-HTML Document Types 8. Content Rendering with Browser Plug-Ins Part II: Browser Security Features 9. Content Isolation Logic 10. Origin Inheritance 11. Life Outside Same-Origin Rules 12. Other Security Boundaries 13. Content Recognition Mechanisms 14. Dealing with Rogue Scripts 15. Extrinsic Site Privileges Part III: A Glimpse of Things to Come 16. New and Upcoming Security Features 17. Other Browser Mechanisms of Note 18. Common Web Vulnerabilities Epilogue Notes Index
Synopsis
"Thorough and comprehensive coverage from one of the foremost experts in browser security." --Tavis Ormandy, Google Inc. Modern web applications are built on a tangle of technologies that have been developed over time and then haphazardly pieced together. Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape. In The Tangled Web, Michal Zalewski, one of the world's top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they're fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You'll learn how to: * Perform common but surprisingly complex tasks such as URL parsing and HTML sanitization * Use modern security features like Strict Transport Security, Content Security Policy, and Cross-Origin Resource Sharing * Leverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugs * Build mashups and embed gadgets without getting stung by the tricky frame navigation policy * Embed or host user-supplied content without running into the trap of content sniffing For quick reference, "Security Engineering Cheat Sheets" at the end of each chapter offer ready solutions to problems you're most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications that stand the test of time., Modern web applications are built on a tangle of technologies that have been developed over time and then haphazardly pieced together. Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape. In The Tangled Web, Michal Zalewski, one of the world s top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they re fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You ll learn how to: Perform common but surprisingly complex tasks such as URL parsing and HTML sanitization Use modern security features like Strict Transport Security, Content Security Policy, and Cross-Origin Resource Sharing Leverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugs Build mashups and embed gadgets without getting stung by the tricky frame navigation policy Embed or host user-supplied content without running into the trap of content sniffing For quick reference, 'Security Engineering Cheat Sheets' at the end of each chapter offer ready solutions to problems you re most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications that stand the test of time., Modern web applications are built on a tangle of technologies that have been developed over time and then haphazardly pieced together. Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape. In The Tangled Web , Michal Zalewski, one of the world's top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they're fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You'll learn how to: -Perform common but surprisingly complex tasks such as URL parsing and HTML sanitization -Use modern security features like Strict Transport Security, Content Security Policy, and Cross-Origin Resource Sharing -Leverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugs -Build mashups and embed gadgets without getting stung by the tricky frame navigation policy -Embed or host user-supplied content without running into the trap of content sniffing For quick reference, "Security Engineering Cheat Sheets" at the end of each chapter offer ready solutions to problems you're most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications that stand the test of time., "Thorough and comprehensive coverage from one of the foremost experts in browser security." --Tavis Ormandy, Google Inc. Modern web applications are built on a tangle of technologies that have been developed over time and then haphazardly pieced together. Every piece of the web application stack, from HTTP requests to browser-side scripts, ......
LC Classification Number
TK5105.59.Z354 2011
Copyright Date
2011
ebay_catalog_id
4
Item description from the seller
Seller assumes all responsibility for this listing.
eBay item number:266400019580
Postage and packaging
Item location:
Orem, Utah, United States
Posts to:
Afghanistan, Albania, Algeria, Andorra, Angola, Anguilla, Antigua and Barbuda, Argentina, Armenia, Aruba, Australia, Austria, Azerbaijan Republic, Bahamas, Bahrain, Bangladesh, Belgium, Belize, Benin, Bermuda, Bhutan, Bolivia, Bosnia and Herzegovina, Botswana, Brazil, Brunei Darussalam, Bulgaria, Burkina Faso, Burundi, Cambodia, Cameroon, Canada, Cape Verde Islands, Cayman Islands, Central African Republic, Chad, Chile, China, Colombia, Costa Rica, Cyprus, Czech Republic, Côte d'Ivoire (Ivory Coast), Democratic Republic of the Congo, Denmark, Djibouti, Dominican Republic, Ecuador, Egypt, El Salvador, Equatorial Guinea, Eritrea, Estonia, Ethiopia, Fiji, Finland, France, Gabon Republic, Gambia, Georgia, Germany, Ghana, Gibraltar, Greece, Greenland, Grenada, Guatemala, Guinea, Guinea-Bissau, Guyana, Haiti, Honduras, Hong Kong, Hungary, Iceland, India, Indonesia, Ireland, Israel, Italy, Jamaica, Japan, Jordan, Kazakhstan, Kenya, Kiribati, Kuwait, Kyrgyzstan, Laos, Latvia, Lebanon, Lesotho, Liberia, Liechtenstein, Lithuania, Luxembourg, Macau, Macedonia, Madagascar, Malawi, Malaysia, Maldives, Mali, Malta, Mauritania, Mauritius, Mexico, Moldova, Monaco, Mongolia, Montenegro, Montserrat, Morocco, Mozambique, Namibia, Nauru, Nepal, Netherlands, New Zealand, Nicaragua, Niger, Nigeria, Norway, Oman, Pakistan, Panama, Papua New Guinea, Paraguay, Peru, Philippines, Poland, Portugal, Qatar, Republic of Croatia, Republic of the Congo, Romania, Rwanda, Saint Kitts-Nevis, Saint Lucia, Saint Vincent and the Grenadines, San Marino, Saudi Arabia, Senegal, Serbia, Seychelles, Sierra Leone, Singapore, Slovakia, Slovenia, Solomon Islands, South Africa, South Korea, Spain, Sri Lanka, Suriname, Swaziland, Sweden, Switzerland, Taiwan, Tajikistan, Tanzania, Thailand, Togo, Tonga, Trinidad and Tobago, Tunisia, Turkey, Turkmenistan, Turks and Caicos Islands, Uganda, United Arab Emirates, United Kingdom, United States, Uruguay, Uzbekistan, Vanuatu, Vatican City State, Vietnam, Wallis and Futuna, Western Samoa, Yemen, Zambia, Zimbabwe
Excludes:
Barbados, French Guiana, French Polynesia, Guadeloupe, Libya, Martinique, New Caledonia, Reunion, Russian Federation, Ukraine, Venezuela
Postage and packaging | To | Service | Delivery*See Delivery notes |
---|---|---|---|
US $4.87 (approx EUR 4.56) | United States | Economy P&P (USPS Media MailTM) | Estimated between Wed, 26 Jun and Sat, 29 Jun to 43230 |
Dispatch time |
---|
Will usually dispatch within 3 working days of receiving cleared payment. |
Taxes |
---|
Taxes may be applicable at checkout. Learn moreLearn more about paying tax on eBay purchases. |
Sales tax for an item #266400019580
Sales tax for an item #266400019580
Seller collects sales tax/VAT for items dispatched to the following states:
County | VAT rate |
---|
Returns policy
Return policy details |
---|
The seller won't accept returns for this item. |
Payment details
Payment methods
Registered as a private seller
Thereby, consumer rights stemming from EU consumer protection law do not apply. eBay buyer protection still applies to most purchases.
Seller Feedback (2,150)
a***a (38)- Feedback left by buyer.
Past month
Verified purchase
very pleased... Thank you!
z***n (1695)- Feedback left by buyer.
Past month
Verified purchase
great seller
e***b (494)- Feedback left by buyer.
Past month
Verified purchase
Excellent , Professional Packing , Helpful Communication, As Described , Thank You ! Highly Recommended Seller, Will Buy Again
More to explore:
- Web Designer Magazines,
- Web Designer Magazines in English,
- Web Designer Monthly Magazines,
- Non-Fiction Paperback Fiction & Web Development Books,
- The Girl in the Spider's Web Fiction Fiction & Non-Fiction Books,
- Biology Study Guide School Textbooks & Study Guides,
- English Study Guide School Textbooks & Study Guides,
- Workbook School Textbooks & Study Guides,
- English School Textbooks & Study Guides,
- Science School Textbooks & Study Guides