Securing Ajax Applications
Christopher Wells
Beijing • Cambridge • Farnham • Köln • Paris • Sebastopol • Taipei • Tokyo
Securing Ajax Applications
by Christopher Wells
Copyright © 2007 Christopher Wells. All rights reserved.
Printed in the United States of America.
Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472.
O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (safari.oreilly.com). For more information, contact our corporate/institutional sales department: (800) 998-9938 or corporate@oreilly.com.
Editor: Tatiana Apandi
Production Editor: Mary Brady
Production Services: Tolman Creek Design
Cover Designer: Karen Montgomery
Interior Designer: David Futato
Illustrators: Robert Romano and Jessamyn Read
Printing History:
July 2007: First Edition.
Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc. Securing Ajax Applications, the image of a spotted hyena, and related trade dress are trademarks of O’Reilly Media, Inc.
Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O’Reilly Media, Inc. was aware of a trademark claim, the designations have been printed in caps or initial caps.
While every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.
This book uses RepKover™, a durable and flexible lay-flat binding.
ISBN-10: 0-596-52931-7
ISBN-13: 978-0-596-52931-4
[M]
To Jennafer, my honey, and Maggie, my bit of honey: you two are what make life so sweet.
Table of Contents
Preface
1. The Evolving Web
    The Rise of the Web
2. Web Security
    Security Basics
    Risk Analysis
    Common Web Application Vulnerabilities
3. Securing Web Technologies
    How Web Sites Communicate
    Browser Security
    Browser Plug-ins, Extensions, and Add-ons
4. Protecting the Server
    Network Security
    Host Security
    Web Server Hardening
    Application Server Hardening
5. A Weak Foundation
    HTTP Vulnerabilities
    The Threats
    JSON
    XML
    RSS
    Atom
    REST