買這商品的人也買了...
-
使用案例寫作實務 - 寫作指南、祕訣與範本 (Writing Effective Use Cases)$650$553 -
More Effective C++ 國際中文版(最新修訂本) (More Effective C++: 35 New Ways to Improve Your Programs and Designs)$520$442 -
MATLAB 程式設計-入門篇, 2/e$600$199 -
Linux 指令詳解辭典$650$553 -
ASP.NET 2.0 深度剖析範例集$650$507 -
Microsoft SQL Server 2005 管理實務$680$578 -
SQL 語法範例辭典$550$468 -
初探 VoIP (Voice over IP First-step)$390$332 -
Microsoft Office SharePoint Server 2007 新一代企業 Web 解決方案(第一集)$690$545 -
Linux 驅動程式, 3/e (Linux Device Drivers, 3/e)$980$774 -
聖殿祭司的 ASP.NET 2.0 專家技術手冊-使用VB, 2/e$720$612 -
Linux 作業系統之奧義$480$379 -
Linux 核心詳解, 3/e (Understanding the Linux Kernel, 3/e)$1,200$948 -
SQL Server 2005 資料庫管理$680$537 -
深入淺出物件導向分析與設計 (Head First Object-Oriented Analysis and Design)$880$695 -
Microsoft Office SharePoint Server 2007 新一代企業表單與內容管理 (第二集)$720$569 -
ASP.NET AJAX 經典範例 100─使用 VB$750$638 -
軟體測試實務講座─來自矽谷的技術經驗與心得分享$290$226 -
JavaScript 大全 (JavaScript: The Definitive Guide, 5/e)$1,200$948 -
現代嵌入式系統開發專案實務-菜鳥成長日誌與專案經理的私房菜$600$480 -
Flash CS3 ActionScript 3.0 打造互動網頁的力與美$480$379 -
簡單‧圖解程式設計 Programming 的優質入門書$450$351 -
ASP.NET 2.0 與資料庫程式設計 (Beginning ASP.NET 2.0 and Databases)$620$527 -
Microsoft Office SharePoint Server 2007 新一代網頁資訊設計與應用(第三集)$980$774 -
$179JSON必知必會/圖靈程序設計叢書
相關主題
商品描述
Description
Ajax applications should be open yet secure. Far too often security is added as an afterthought. Potential flaws need to be identified and addressed right away. This book explores Ajax and web application security with an eye for dangerous gaps and offers ways that you can plug them before they become a problem. By making security part of the process from the start, you will learn how to build secure Ajax applications and discover how to respond quickly when attacks occur.
Securing Ajax Applications succinctly explains that the same back-and-forth communications that make Ajax so responsive also gives invaders new opportunities to gather data, make creative new requests of your server, and interfere with the communications between you and your customers. This book presents basic security techniques and examines vulnerabilities with JavaScript, XML, JSON, Flash, and other technologies -- vital information that will ultimately save you time and money.
Topics include:
- An overview of the evolving web platform, including APIs, feeds, web services and asynchronous messaging
- Web security basics, including common vulnerabilities, common cures, state management and session management
- How to secure web technologies, such as Ajax, JavaScript, Java applets, Active X controls, plug-ins, Flash and Flex
- How to protect your server, including front-line defense, dealing with application servers, PHP and scripting
- Vulnerabilities among web standards such as HTTP, XML, JSON, RSS, ATOM, REST, and XDOS
- How to secure web services, build secure APIs, and make open mashups secure
Securing Ajax Applications takes on the challenges created by this new generation of web development, and demonstrates why web security isn't just for administrators and back-end programmers any more. It's also for web developers who accept the responsibility that comes with using the new wonders of the Web.
Table of Contents
Preface
1. The Evolving Web
The Rise of the Web
2. Web Security
Security Basics
Risk Analysis
Common Web Application Vulnerabilities
3. Securing Web Technologies
How Web Sites Communicate
Browser Security
Browser Plug-ins, Extensions, and Add-ons
4. Protecting the Server
Network Security
Host Security
Web Server Hardening
Application Server Hardening
5. A Weak Foundation
HTTP Vulnerabilities
The Threats
JSON
XML
RSS
Atom
REST
6. Securing Web Services
Web Services Overview
Security and Web Services
Web Service Security
7. Building Secure APIs
Building Your Own APIs
Preconditions
Postconditions
Invariants
Security Concerns
RESTful Web Services
8. Mashups
Web Applications and Open Internet APIs
Wild Web 2.0
Mashups and Security
Open Versus Secure
A Security Blanket
Case Studies
Index
