
The Tangled Web: A Guide to Securing Modern Web Applications
by Michal Zalewski
Michal Zalewski's The Tangled Web provides a deep exploration of web browser security and the chaotic landscape of web standards that create security vulnerabilities. Rather than cataloging specific attack techniques, Zalewski dissects the fundamental building blocks of the web, including URL parsing, HTTP protocol behavior, HTML rendering, CSS processing, JavaScript execution, and the same-origin policy, to explain why web security is so difficult. Each chapter covers a different layer of the web stack, documenting the inconsistencies between browser implementations, the historical accidents that created security holes, and the defense mechanisms that attempt to contain the resulting chaos. The book is essential reading for anyone building or testing web applications, as it provides the foundational understanding of browser behavior needed to make sense of both attacks and defenses.
Book Details
- Author: Michal Zalewski
- Year: 2011
- Category: Web Security
- ISBN: 978-1593273880
- Formats: Paperback, Kindle
Related Books
The Web Application Hacker's Handbook: First Edition
Marcus Pinto & Dafydd Stuttard
The original guide to finding and exploiting web application security flaws. Written by the creator of Burp Suite.
The Web Application Hacker's Handbook: Second Edition
Dafydd Stuttard & Marcus Pinto
Comprehensive updated guide to discovering and exploiting security flaws in web applications. By the creator of Burp Suite.
Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks
Michal Zalewski
Silence on the Wire is a deeply technical exploration of passive network reconnaissance and information leakage. Michal Zalewski examines how seemingly innocuous network traffic reveals far more than.