PROGRAMMER TUTORIALS
solutions to programmer problems
ASP
C#
C++
COBOL
Delphi
HTML
Java
J2EE
JavaScript
JSP
.NET
Perl
PHP
SQL
Visual Basic
XML
View Shopping Cart


Get a FREE Apple iPod Photo

  Books : Ajax Security


List Price: $49.99
Amazon.com's Price: $31.49
You Save: $18.50 (37%)
Prices subject to change.

Used Price: $21.50
Third Party New Price: $25.35


Availability: Usually ships in 24 hours




Binding: Paperback
Dewey Decimal Number: 005.8
EAN: 9780321491930
ISBN: 0321491939
Label: Addison-Wesley Professional
Manufacturer: Addison-Wesley Professional
Number Of Items: 1
Number Of Pages: 504
Publication Date: December 16, 2007
Publisher: Addison-Wesley Professional
Sales Rank: 355537
Studio: Addison-Wesley Professional



Accessories: Related Items:

Editorial Review:

Product Description

The Hands-On, Practical Guide to Preventing Ajax-Related Security Vulnerabilities

 

More and more Web sites are being rewritten as Ajax applications; even traditional desktop software is rapidly moving to the Web via Ajax. But, all too often, this transition is being made with reckless disregard for security. If Ajax applications aren’t designed and coded properly, they can be susceptible to far more dangerous security vulnerabilities than conventional Web or desktop software. Ajax developers desperately need guidance on securing their applications: knowledge that’s been virtually impossible to find, until now.

            Ajax Security systematically debunks today’s most dangerous myths about Ajax security, illustrating key points with detailed case studies of actual exploited Ajax vulnerabilities, ranging from MySpace’s Samy worm to MacWorld’s conference code validator. Even more important, it delivers specific, up-to-the-minute recommendations for securing Ajax applications in each major Web programming language and environment, including .NET, Java, PHP, and even Ruby on Rails. You’ll learn how to:

 

·        Mitigate unique risks associated with Ajax, including overly granular Web services, application control flow tampering, and manipulation of program logic

·        Write new Ajax code more safely—and identify and fix flaws in existing code

·        Prevent emerging Ajax-specific attacks, including JavaScript hijacking and persistent storage theft

·        Avoid attacks based on XSS and SQL Injection—including a dangerous SQL Injection variant that can extract an entire backend database with just two requests

·        Leverage security built into Ajax frameworks like Prototype, Dojo, and ASP.NET AJAX Extensions—and recognize what you still must implement on your own

·        Create more secure “mashup” applications

 

Ajax Security will be an indispensable resource for developers coding or maintaining Ajax applications; architects and development managers planning or designing new Ajax software, and all software security professionals, from QA specialists to penetration testers.






Customer Reviews
Average Rating: out of 5 stars

Rating: 5 out of 5 stars - Very well written.
The book is nicely organized and gives a very clear introduction to concepts of web application security, including listing major vulnerabilities and attack vectors and then after establishing these basics it dives in with examples, details and tips to explain Ajax, its usage, its mis-usage and the security implications. The attack vectors are not only mentioned or explained in theory, they are given an example story as context, and for understanding attackers' motivation, and then carefully detail ... Read More


Rating: 5 out of 5 stars - Ajax Security
This is very good book. I've created so many websites using AJAX techonlogy. This book provided me to check how secure the websites are. I am glad that I fullfilled all the details without having the through knowledge of AJAX security. But this book has collected all the security check point at one place.


Rating: 4 out of 5 stars - Every ajax developer must read it
A lot of examples shows how absolutely everything could be attacked and corrupted in the chain of components used for building ajax applications, from css (yes even css) to html, from javascript to http, from browser to server ... Sometimes there's too much lines about evident things and sometimes things seems more proof of concept than real possible attacks. But these guys know what they are talking about. This is an excellent book that every serious ajax developer must have read, specially if they ... Read More


Rating: 5 out of 5 stars - Curiosity Killed the Internet
Are you a web developer? Do you believe you can ensure that your client-side code will function as expected? Well, you are wrong. In Ajax Security you will find out why.

Ajax changes the game in that it moves business logic to the client. In doing so it increases the attack surface of the application. The authors get curious with some real world Ajax frameworks such as Prototype, Dojo, and Microsoft Ajax. They demonstrate with these frameworks how developers might be unknowingly building ... Read More


Rating: 5 out of 5 stars - how to prevent web/ajax attacks
Anyone involved in developing/testing AJAX should read "AJAX Security." It covers preventing a hacker from attaching your application. The audience includes developers, QA and penetration testers. While there are code snippets, they are explained well. While managers aren't in the target audience, I think they could benefit from understanding the concepts presented in the book.

The book begins with a brief review of AJAX architecture with an emphasis on security. The writing style is ... Read More


2000-2006 ProgrammerTutorials.com
Our Partner Sites
Buy Books, Music and Games | Domain Names Center | Web Hosting Guide
Debt Consolidation Loans | Clear Credit Card Debt
Buy Movies and Music | Camera & Photo Shed | Buy Electronics | Buy Video Games

Top100WebShops.com