Tangled Web : A Guide to Securing Modern Web Applications by Michal Zalewski...

Echotime
(276)
Angemeldet als privater Verkäufer
Verbraucherschützende Vorschriften, die sich aus dem EU-Verbraucherrecht ergeben, finden daher keine Anwendung. Der eBay-Käuferschutz gilt dennoch für die meisten Käufe. Mehr erfahren
Mehr Artikel des Verkäufers
Verkäufer kontaktieren
US $9,99
Ca.EUR 8,57
Artikelzustand:
Gut
Das interessiert die Leute. 2 haben das auf ihrer Beobachtungsliste.
Versand:
US $5,22 (ca. EUR 4,48) USPS Media MailTM.
Standort: Bensalem, Pennsylvania, USA
Lieferung:
Lieferung zwischen Do, 23. Okt und Mo, 27. Okt nach 94104 bei heutigem Zahlungseingang
Wir wenden ein spezielles Verfahren zur Einschätzung des Liefertermins an – in diese Schätzung fließen Faktoren wie die Entfernung des Käufers zum Artikelstandort, der gewählte Versandservice, die bisher versandten Artikel des Verkäufers und weitere ein. Insbesondere während saisonaler Spitzenzeiten können die Lieferzeiten abweichen.
Rücknahme:
Keine Rücknahme.
Zahlungen:
   Diners Club 

Sicher einkaufen

eBay-Käuferschutz
Geld zurück, wenn etwas mit diesem Artikel nicht stimmt. Mehr erfahreneBay-Käuferschutz - wird in neuem Fenster oder Tab geöffnet

  • Gratis Rückversand im Inland
  • Punkte für jeden Kauf und Verkauf
  • Exklusive Plus-Deals
Mehr erfahren- eBay Plus - wird in neuem Fenster oder Tab geöffnet
Der Verkäufer ist für dieses Angebot verantwortlich.
eBay-Artikelnr.:226804853844
Zuletzt aktualisiert am 19. Jul. 2025 19:22:17 MESZAlle Änderungen ansehenAlle Änderungen ansehen

Artikelmerkmale

Artikelzustand
Gut: Buch, das gelesen wurde, sich aber in einem guten Zustand befindet. Der Einband weist nur sehr ...
ISBN
9781593273880
Kategorie

Über dieses Produkt

Product Identifiers

Publisher
No Starch Press, Incorporated
ISBN-10
1593273886
ISBN-13
9781593273880
eBay Product ID (ePID)
109201203

Product Key Features

Number of Pages
320 Pages
Language
English
Publication Name
Tangled Web : a Guide to Securing Modern Web Applications
Publication Year
2011
Subject
Internet / General, Networking / General, Security / General, Security / Networking, Networking / Network Protocols
Features
New Edition
Type
Textbook
Subject Area
Computers
Author
Michal Zalewski
Format
Trade Paperback

Dimensions

Item Height
0.8 in
Item Weight
21.8 Oz
Item Length
9.2 in
Item Width
6.9 in

Additional Product Features

Intended Audience
Trade
LCCN
2011-039636
Reviews
"A classic - arguably canon - as far as security training books go, and especially when it comes to web application security." --Britt Kemp, Bishop Fox Labs
Dewey Edition
23
TitleLeading
The
Illustrated
Yes
Dewey Decimal
005.8
Edition Description
New Edition
Table Of Content
Preface and Acknowledgments 1. Security in the World of Web Applications Part I: Anatomy of the Web 2. It Starts with A URL 3. Hypertext Transfer Protocol 4. Hypertext Markup Language 5. Cascading Style Sheets 6. Browser-Side Scripts 7. Non-HTML Document Types 8. Content Rendering with Browser Plug-Ins Part II: Browser Security Features 9. Content Isolation Logic 10. Origin Inheritance 11. Life Outside Same-Origin Rules 12. Other Security Boundaries 13. Content Recognition Mechanisms 14. Dealing with Rogue Scripts 15. Extrinsic Site Privileges Part III: A Glimpse of Things to Come 16. New and Upcoming Security Features 17. Other Browser Mechanisms of Note 18. Common Web Vulnerabilities Epilogue Notes Index
Synopsis
"Thorough and comprehensive coverage from one of the foremost experts in browser security." --Tavis Ormandy, Google Inc. Modern web applications are built on a tangle of technologies that have been developed over time and then haphazardly pieced together. Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape. In The Tangled Web, Michal Zalewski, one of the world's top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they're fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You'll learn how to: * Perform common but surprisingly complex tasks such as URL parsing and HTML sanitization * Use modern security features like Strict Transport Security, Content Security Policy, and Cross-Origin Resource Sharing * Leverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugs * Build mashups and embed gadgets without getting stung by the tricky frame navigation policy * Embed or host user-supplied content without running into the trap of content sniffing For quick reference, "Security Engineering Cheat Sheets" at the end of each chapter offer ready solutions to problems you're most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications that stand the test of time., Modern web applications are built on a tangle of technologies that have been developed over time and then haphazardly pieced together. Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape. In The Tangled Web, Michal Zalewski, one of the world s top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they re fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You ll learn how to: Perform common but surprisingly complex tasks such as URL parsing and HTML sanitization Use modern security features like Strict Transport Security, Content Security Policy, and Cross-Origin Resource Sharing Leverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugs Build mashups and embed gadgets without getting stung by the tricky frame navigation policy Embed or host user-supplied content without running into the trap of content sniffing For quick reference, 'Security Engineering Cheat Sheets' at the end of each chapter offer ready solutions to problems you re most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications that stand the test of time., Modern web applications are built on a tangle of technologies that have been developed over time and then haphazardly pieced together. Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape. In The Tangled Web , Michal Zalewski, one of the world's top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they're fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You'll learn how to: -Perform common but surprisingly complex tasks such as URL parsing and HTML sanitization -Use modern security features like Strict Transport Security, Content Security Policy, and Cross-Origin Resource Sharing -Leverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugs -Build mashups and embed gadgets without getting stung by the tricky frame navigation policy -Embed or host user-supplied content without running into the trap of content sniffing For quick reference, "Security Engineering Cheat Sheets" at the end of each chapter offer ready solutions to problems you're most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications that stand the test of time., "Thorough and comprehensive coverage from one of the foremost experts in browser security." --Tavis Ormandy, Google Inc. Modern web applications are built on a tangle of technologies that have been developed over time and then haphazardly pieced together. Every piece of the web application stack, from HTTP requests to browser-side scripts, ......
LC Classification Number
TK5105.59.Z354 2011

Artikelbeschreibung des Verkäufers

Info zu diesem Verkäufer

Echotime

100% positive Bewertungen463 Artikel verkauft

Mitglied seit Mai 2025
Antwortet meist innerhalb 1 Stunde
Angemeldet als privater VerkäuferDaher finden verbraucherschützende Vorschriften, die sich aus dem EU-Verbraucherrecht ergeben, keine Anwendung. Der eBay-Käuferschutz gilt dennoch für die meisten Käufe. Mehr erfahrenMehr erfahren
Welcome to Echotime!Passionate about timeless pieces with character - from vintage electronics and classic literature to antique décor and rare collectibles.Each item tells a story.Follow us for ...
Mehr anzeigen
Shop besuchenKontakt

Detaillierte Verkäuferbewertungen

Durchschnitt in den letzten 12 Monaten
Genaue Beschreibung
4.9
Angemessene Versandkosten
4.9
Lieferzeit
5.0
Kommunikation
5.0

Verkäuferbewertungen (277)

Alle Bewertungenselected
Positiv
Neutral
Negativ
  • u***1 (19)- Bewertung vom Käufer.
    Letzter Monat
    Bestätigter Kauf
    This out of print, vintage manual arrived in great condition for it's age. It is complete and as described and shown. I'm glad it came packaged very well in bubble wrap inside a well fitting box. The shipping time was very fast and exceeded my expectations. The seller, echo time, was great to work with and very quick to respond. I would highly recommend dealing with such an upstanding eBay vendor.
    Vintage 1929 Noe’s Graduated Xercisors Olympic Model (Nr. 226821032190)
  • m***8 (10)- Bewertung vom Käufer.
    Letzte 6 Monate
    Bestätigter Kauf
    Receive my item, professionally packed with cardboard in a plastic bag and also in a sturdy shipping bag thank you so much for your prompt service items were shipped as described and thank you for valuing your customers and I believe that the item I bought was a great value looking forward to doing business with you again pretty soon.
    Superman #75 1992 DC Comics Death Of Superman Memorial Set Sealed Black Poly Bag (Nr. 226917239583)
  • s***k (786)- Bewertung vom Käufer.
    Letzte 6 Monate
    Bestätigter Kauf
    The package arrived in a timely manner. The seller went over the top to make sure the amp was well packaged to prevent damage (it was double-boxed with big bubble wrap in between the inside and outside box). Item was super nice + as described, excellent value! Thanks!
    Vintage Kenwood KA-7100 DC Stereo Integrated Amplifier - 60 W/Ch - Wood Case (Nr. 226863346101)
Alle Bewertungen ansehen

Noch mehr entdecken: