404 Tech Support

Book Review: Tangled Web – A Guide to Securing Modern Web Applications

2012-01-26 by Jason

Tangled Web by Michal Zalewski is an incredibly detailed book on the topic of web technologies. It includes an encyclopedic history of HTTP, HTML, browsers, and the path that has led us to where we are now. The book is well referenced, with plenty of endnotes to guide you to further reading on the topics. With a focus on security in web applications, the amount of knowledge conveyed in the book is breathtaking. With this information at your fingertips, the insights and recommendations will certainly make for more secure and competent web applications.

The book covers the material almost like a textbook but also reflects the passion for security the author must have. Broadly, the book covers these topics:

  • Anatomy of the Web
  • Browser Security Features
  • A Glimpse of Things to Come

The anatomy of the web section covers information security in a nutshell, history of the web, the evolution of a threat, structure of URLs, character encoding, URL schemes, HTTP, request types, response codes, HTML, CSS, scripts, non-HTML document types, and browser plug-ins.

The browser security features section covers content isolation logic, origin inheritance, life outside same-origin rules, other security boundaries, content recognition mechanisms, dealing with rogue scripts, and extrinsic site privileges.

The glimpse of things to come section explores new and upcoming security features, other browser mechanisms of note, and common web vulnerabilities.

Every chapter concludes with a Security Engineering Cheat Sheet, which offers practical tips and suggestions related to the chapter’s topic. With an index at the back as well, the book seems likely to be frequently used and easily referenced.

Tangled Web was a great read. It was very technical, but that allowed it to be a great authority on the topic of security. Recalling how the web was created, the industry-stimulating browser wars, and how things are finally reaching standards really shows how security was only an afterthought (if that), and how modern developments such as faster computers and sufficient bandwidth have opened up the web to the malicious. Hopefully, with figures like the author, Michal Zalewski, in the industry, we are turning things around for the next milestone in the history of the Internet.
