- Shopping Bag ( 0 items )
From Barnes & NobleThe Barnes & Noble Review
Cross-site scripting (XSS) attacks have shown up on sites ranging from Microsoft to MySpace: they may now be the No. 1 threat to web sites and applications. Just in time, there's a comprehensive guide to XSS: how these attacks work, why they're different from other web vulnerabilities (for better and worse), and how to defend against them.
This book's authors -- notably Jeremiah Grossman, founder/CTO of White Hat Security -- are among the world's top XSS experts. Here, they illuminate every category of attack, finding vulnerabilities where you might not expect them (for example, in IMAP3 servers), and presenting case studies where millions of real users have been exposed. Then, once you're sufficiently concerned, the authors turn to solutions: rock-solid input validation, session tokens, HTTP referrer header checking, and much more.
If you're not worried about XSS attacks, you should be. If you are worried, read this book. Bill Camarda, from the June 2007 Read Only