A recent survey from the Pew Research Center found that few Americans are confident about the security or privacy of their data—particularly when it comes to the use of online tools. As a web developer, you represent the first line of defense in protecting your users’ data and privacy. This report explores several techniques, tools, and best practices for developing and maintaining web apps that provide the privacy and security that every user needs—and deserves.
Each individual now produces more data every day than people in earlier generations did throughout their lifetimes. Every time we click, tweet, or visit a site, we leave a digital trace. As web developers, we’re responsible for shaping the experiences of users’ online lives. By making ethical, user-centered choices, we can create a better Web for everyone.
- Learn how web tracking works, and how you can provide users with greater privacy controls
- Explore HTTPS and learn how to use this protocol to encrypt user connections
- Use web development frameworks that provide baked-in security support for protecting user data
- Learn methods for securing user authentication, and for sanitizing and validating user input
- Provide exports that allow users to reclaim their data if and when you close your service
This is the third report in the Ethical Web Development series from author Adam Scott. Previous reports in this series include Building Web Apps for Everyone and Building Web Apps That Work Everywhere.
Table of Contents
- 1. Introduction
- 2. Respecting User Privacy
- 3. Encrypting User Connections with HTTPS
  - How HTTPS Works
  - Why Use HTTPS
  - Implementing HTTPS
  - Other Considerations
  - Further Reading
- 4. Securing User Data
  - Building on a Strong Foundation
  - OWASP Top 10
  - Secure User Authentication
  - Encrypting User Data
  - Sanitizing and Validating User Input
  - Cross-Site Request Forgery Attacks
  - Security Headers
  - Security Disclosures and Bug Bounty Programs
  - Further Reading
- 5. Preserving User Data
- 6. Conclusion
- Title: Building Web Apps that Respect a User's Privacy and Security
- Release date: December 2016
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9781492042921