Book description
In The Tangled Web, Michal Zalewski, one of the world's top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they're fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security.
Table of contents
- The Tangled Web
- PRAISE FOR THE TANGLED WEB
- Dedication
- Preface
- 1. Security in the World of Web Applications
- I. Anatomy of the Web
- 2. It Starts with a URL
- 3. Hypertext Transfer Protocol
- 4. Hypertext Markup Language
- 5. Cascading Style Sheets
- 6. Browser-Side Scripts
  - Basic Characteristics of JavaScript
  - Standard Object Hierarchy
  - Script Character Encoding
  - Code Inclusion Modes and Nesting Risks
  - The Living Dead: Visual Basic
- 7. Non-HTML Document Types
- 8. Content Rendering with Browser Plug-ins
- II. Browser Security Features
- 9. Content Isolation Logic
- 10. Origin Inheritance
- 11. Life Outside Same-Origin Rules
- 12. Other Security Boundaries
- 13. Content Recognition Mechanisms
- 14. Dealing with Rogue Scripts
- 15. Extrinsic Site Privileges
- III. A Glimpse of Things to Come
- 18. Common Web Vulnerabilities
- A. Epilogue
- Notes
- Index
- About the Author
- UPDATES
- Copyright
Product information
- Title: The Tangled Web
- Author(s): Michal Zalewski
- Release date: November 2011
- Publisher(s): No Starch Press
- ISBN: 9781593273880