Book description
In The Tangled Web, Michal Zalewski, one of the world's top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they're fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security.
Table of contents
- The Tangled Web
- PRAISE FOR THE TANGLED WEB
- Dedication
- Preface
- 1. Security in the World of Web Applications
- I. Anatomy of the Web
- 2. It Starts with a URL
- 3. Hypertext Transfer Protocol
- 4. Hypertext Markup Language
- 5. Cascading Style Sheets
- 6. Browser-Side Scripts
  - Basic Characteristics of JavaScript
  - Standard Object Hierarchy
  - Script Character Encoding
  - Code Inclusion Modes and Nesting Risks
  - The Living Dead: Visual Basic
- 7. Non-HTML Document Types
- 8. Content Rendering with Browser Plug-ins
- II. Browser Security Features
- 9. Content Isolation Logic
- 10. Origin Inheritance
- 11. Life Outside Same-Origin Rules
- 12. Other Security Boundaries
- 13. Content Recognition Mechanisms
- 14. Dealing with Rogue Scripts
- 15. Extrinsic Site Privileges
- III. A Glimpse of Things to Come
- 18. Common Web Vulnerabilities
- A. Epilogue
- Notes
- Index
- About the Author
- UPDATES
- Copyright
Product information
- Title: The Tangled Web
- Author(s):
- Release date: November 2011
- Publisher(s): No Starch Press
- ISBN: 9781593273880