Picture 1 of 8
Gallery
Picture 1 of 8
Have one to sell?
Tangled Web : A Guide to Securing Modern Web Applications by Michal Zalewski...
US $9.99
ApproximatelyS$ 12.94
Condition:
Good
A book that has been read but is in good condition. Very minimal damage to the cover including scuff marks, but no holes or tears. The dust jacket for hard covers may not be included. Binding has minimal wear. The majority of pages are undamaged with minimal creasing or tearing, minimal pencil underlining of text, no highlighting of text, no writing in margins. No missing pages.
Oops! Looks like we're having trouble connecting to our server.
Refresh your browser window to try again.
Shipping:
US $5.22 (approx S$ 6.76) USPS Media MailTM.
Located in: Bensalem, Pennsylvania, United States
Delivery:
Estimated between Thu, 23 Oct and Mon, 27 Oct to 94104
Returns:
No returns accepted.
Coverage:
Read item description or contact seller for details. See all detailsSee all details on coverage
(Not eligible for eBay purchase protection programmes)
Seller assumes all responsibility for this listing.
eBay item number:226804853844
Item specifics
- Condition
- ISBN
- 9781593273880
About this product
Product Identifiers
Publisher
No Starch Press, Incorporated
ISBN-10
1593273886
ISBN-13
9781593273880
eBay Product ID (ePID)
109201203
Product Key Features
Number of Pages
320 Pages
Language
English
Publication Name
Tangled Web : a Guide to Securing Modern Web Applications
Publication Year
2011
Subject
Internet / General, Networking / General, Security / General, Security / Networking, Networking / Network Protocols
Features
New Edition
Type
Textbook
Subject Area
Computers
Format
Trade Paperback
Dimensions
Item Height
0.8 in
Item Weight
21.8 Oz
Item Length
9.2 in
Item Width
6.9 in
Additional Product Features
Intended Audience
Trade
LCCN
2011-039636
Reviews
"A classic - arguably canon - as far as security training books go, and especially when it comes to web application security." --Britt Kemp, Bishop Fox Labs
Dewey Edition
23
TitleLeading
The
Illustrated
Yes
Dewey Decimal
005.8
Edition Description
New Edition
Table Of Content
Preface and Acknowledgments 1. Security in the World of Web Applications Part I: Anatomy of the Web 2. It Starts with A URL 3. Hypertext Transfer Protocol 4. Hypertext Markup Language 5. Cascading Style Sheets 6. Browser-Side Scripts 7. Non-HTML Document Types 8. Content Rendering with Browser Plug-Ins Part II: Browser Security Features 9. Content Isolation Logic 10. Origin Inheritance 11. Life Outside Same-Origin Rules 12. Other Security Boundaries 13. Content Recognition Mechanisms 14. Dealing with Rogue Scripts 15. Extrinsic Site Privileges Part III: A Glimpse of Things to Come 16. New and Upcoming Security Features 17. Other Browser Mechanisms of Note 18. Common Web Vulnerabilities Epilogue Notes Index
Synopsis
"Thorough and comprehensive coverage from one of the foremost experts in browser security." --Tavis Ormandy, Google Inc. Modern web applications are built on a tangle of technologies that have been developed over time and then haphazardly pieced together. Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape. In The Tangled Web, Michal Zalewski, one of the world's top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they're fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You'll learn how to: * Perform common but surprisingly complex tasks such as URL parsing and HTML sanitization * Use modern security features like Strict Transport Security, Content Security Policy, and Cross-Origin Resource Sharing * Leverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugs * Build mashups and embed gadgets without getting stung by the tricky frame navigation policy * Embed or host user-supplied content without running into the trap of content sniffing For quick reference, "Security Engineering Cheat Sheets" at the end of each chapter offer ready solutions to problems you're most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications that stand the test of time., Modern web applications are built on a tangle of technologies that have been developed over time and then haphazardly pieced together. Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape. In The Tangled Web, Michal Zalewski, one of the world s top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they re fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You ll learn how to: Perform common but surprisingly complex tasks such as URL parsing and HTML sanitization Use modern security features like Strict Transport Security, Content Security Policy, and Cross-Origin Resource Sharing Leverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugs Build mashups and embed gadgets without getting stung by the tricky frame navigation policy Embed or host user-supplied content without running into the trap of content sniffing For quick reference, 'Security Engineering Cheat Sheets' at the end of each chapter offer ready solutions to problems you re most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications that stand the test of time., Modern web applications are built on a tangle of technologies that have been developed over time and then haphazardly pieced together. Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape. In The Tangled Web , Michal Zalewski, one of the world's top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they're fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You'll learn how to: -Perform common but surprisingly complex tasks such as URL parsing and HTML sanitization -Use modern security features like Strict Transport Security, Content Security Policy, and Cross-Origin Resource Sharing -Leverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugs -Build mashups and embed gadgets without getting stung by the tricky frame navigation policy -Embed or host user-supplied content without running into the trap of content sniffing For quick reference, "Security Engineering Cheat Sheets" at the end of each chapter offer ready solutions to problems you're most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications that stand the test of time., "Thorough and comprehensive coverage from one of the foremost experts in browser security." --Tavis Ormandy, Google Inc. Modern web applications are built on a tangle of technologies that have been developed over time and then haphazardly pieced together. Every piece of the web application stack, from HTTP requests to browser-side scripts, ......
LC Classification Number
TK5105.59.Z354 2011
Item description from the seller
Seller feedback (277)
- u***1 (19)- Feedback left by buyer.Past monthVerified purchaseThis out of print, vintage manual arrived in great condition for it's age. It is complete and as described and shown. I'm glad it came packaged very well in bubble wrap inside a well fitting box. The shipping time was very fast and exceeded my expectations. The seller, echo time, was great to work with and very quick to respond. I would highly recommend dealing with such an upstanding eBay vendor.
- m***8 (10)- Feedback left by buyer.Past 6 monthsVerified purchaseReceive my item, professionally packed with cardboard in a plastic bag and also in a sturdy shipping bag thank you so much for your prompt service items were shipped as described and thank you for valuing your customers and I believe that the item I bought was a great value looking forward to doing business with you again pretty soon.
- s***k (786)- Feedback left by buyer.Past 6 monthsVerified purchaseThe package arrived in a timely manner. The seller went over the top to make sure the amp was well packaged to prevent damage (it was double-boxed with big bubble wrap in between the inside and outside box). Item was super nice + as described, excellent value! Thanks!Vintage Kenwood KA-7100 DC Stereo Integrated Amplifier - 60 W/Ch - Wood Case (#226863346101)
Seller feedback (277)
- u***1 (19)- Feedback left by buyer.Past monthVerified purchaseThis out of print, vintage manual arrived in great condition for it's age. It is complete and as described and shown. I'm glad it came packaged very well in bubble wrap inside a well fitting box. The shipping time was very fast and exceeded my expectations. The seller, echo time, was great to work with and very quick to respond. I would highly recommend dealing with such an upstanding eBay vendor.
- m***8 (10)- Feedback left by buyer.Past 6 monthsVerified purchaseReceive my item, professionally packed with cardboard in a plastic bag and also in a sturdy shipping bag thank you so much for your prompt service items were shipped as described and thank you for valuing your customers and I believe that the item I bought was a great value looking forward to doing business with you again pretty soon.
- s***k (786)- Feedback left by buyer.Past 6 monthsVerified purchaseThe package arrived in a timely manner. The seller went over the top to make sure the amp was well packaged to prevent damage (it was double-boxed with big bubble wrap in between the inside and outside box). Item was super nice + as described, excellent value! Thanks!Vintage Kenwood KA-7100 DC Stereo Integrated Amplifier - 60 W/Ch - Wood Case (#226863346101)