Chapter 18. Common Web Vulnerabilities

Up until this point, we have paid little attention to the taxonomy of common web vulnerabilities. Gaining insight into the underlying mechanics of web applications is far more important than memorizing several thousand random and often unnecessary terms; nomenclature such as improper restriction of operations within the bounds of a memory buffer (Common Weakness Enumeration) or insecure direct object references (Open Web Application Security Project) finds no place in a reasonable conversation—and rightly so.

Nevertheless, the industry has come up with a handful of reasonably precise phrases that security researchers use every day. Having thoroughly discussed the inner workings of the browser, it seems useful ...

Get The Tangled Web now with the O’Reilly learning platform.
