Security for Web Developers
Web security is a vast and constantly evolving topic, just like web technologies themselves. Among your duties as a professional web developer, you must be aware of the dangers to which the applications you create may be exposed and apply appropriate solutions to protect them.
This book will drive you through a hands-on exploration of a few of the most notorious threats that can affect web applications. Reading it you will learn:
- How Cross-Site Scripting (XSS) works and how you prevent it
- The mechanics of Cross-Site Request Forgery (CSRF) attacks and how you can defend against them
- How to prevent Clickjacking attacks
- How to mitigate Third-Party assets security risks
- How attackers can downgrade HTTPS connections to unencrypted HTTP traffic