Securing Ajax Applications: Ensuring the Safety of the Dynamic Web

Author: Christopher Wells
Publisher: O'Reilly
Published: 2007-07-21
ISBN-13: 9780596529314
ISBN-10: 0596529317
Binding: Paperback
Pages: 256





Description

Ajax applications should be open yet secure. Far too often security is added
as an afterthought. Potential flaws need to be identified and addressed right
away. This book explores Ajax and web application security with an eye for
dangerous gaps and offers ways that you can plug them before they become a
problem. By making security part of the process from the start, you will learn
how to build secure Ajax applications and discover how to respond quickly when
attacks occur.

Securing Ajax Applications succinctly explains that the same back-and-forth
communications that make Ajax so responsive also give invaders new
opportunities to gather data, make creative new requests of your server, and
interfere with the communications between you and your customers. This book
presents basic security techniques and examines vulnerabilities with
JavaScript, XML, JSON, Flash, and other technologies -- vital information that
will ultimately save you time and money.

Topics include:

An overview of the evolving web platform, including APIs, feeds, web services and asynchronous messaging
Web security basics, including common vulnerabilities, common cures, state management and session management
How to secure web technologies, such as Ajax, JavaScript, Java applets, ActiveX controls, plug-ins, Flash and Flex
How to protect your server, including front-line defense, dealing with application servers, PHP and scripting
Vulnerabilities among web standards such as HTTP, XML, JSON, RSS, ATOM, REST, and XDOS
How to secure web services, build secure APIs, and make open mashups secure

Securing Ajax Applications takes on the challenges created by this new
generation of web development, and demonstrates why web security isn't just
for administrators and back-end programmers any more. It's also for web
developers who accept the responsibility that comes with using the new wonders
of the Web.

Table of Contents

Preface

  1. The Evolving Web
       The Rise of the Web
  2. Web Security
       Security Basics
       Risk Analysis
       Common Web Application Vulnerabilities
  3. Securing Web Technologies
       How Web Sites Communicate
       Browser Security
       Browser Plug-ins, Extensions, and Add-ons
  4. Protecting the Server
       Network Security
       Host Security
       Web Server Hardening
       Application Server Hardening
  5. A Weak Foundation
       HTTP Vulnerabilities
       The Threats
       JSON
       XML
       RSS
       Atom
       REST
  6. Securing Web Services
       Web Services Overview
       Security and Web Services
       Web Service Security
  7. Building Secure APIs
       Building Your Own APIs
       Preconditions
       Postconditions
       Invariants
       Security Concerns
       RESTful Web Services
  8. Mashups
       Web Applications and Open Internet APIs
       Wild Web 2.0
       Mashups and Security
       Open Versus Secure
       A Security Blanket
       Case Studies

Index


