While you might be tempted just to skip to a particular chapter that interests you—say, Chapter 3, which deals with authentication, or Chapter 7, which deals with database security—you’ll probably be better served by starting at the front and reading through to the end. Our primary goal here is not to “give you a fish” by simply showing you security vulnerabilities, but rather to “teach you to fish” by discussing universal security principles. You should be able to take the same concepts you’ll learn in Chapter 4 on authorization and session management and apply them to the browser security issues found in Chapter 6. So again, please resist the temptation to skip around, at least on your first pass through.

We’ve divided this book ...
