Securing Ajax Applications und über 1,5 Millionen weitere Bücher verfügbar für Amazon Kindle. Erfahren Sie mehr
EUR 35,76
  • Alle Preisangaben inkl. MwSt.
Nur noch 2 auf Lager (mehr ist unterwegs).
Verkauf und Versand durch Amazon.
Geschenkverpackung verfügbar.
Ihren Artikel jetzt
eintauschen und
EUR 0,10 Gutschein erhalten.
Möchten Sie verkaufen?
Zur Rückseite klappen Zur Vorderseite klappen
Anhören Wird wiedergegeben... Angehalten   Sie hören eine Probe der Audible-Audioausgabe.
Weitere Informationen
Dieses Bild anzeigen

Securing Ajax Applications: Ensuring the Safety of the Dynamic Web (Englisch) Taschenbuch – 28. Juli 2007

Alle 2 Formate und Ausgaben anzeigen Andere Formate und Ausgaben ausblenden
Amazon-Preis Neu ab Gebraucht ab
Kindle Edition
"Bitte wiederholen"
"Bitte wiederholen"
EUR 35,76
EUR 20,12 EUR 2,93
12 neu ab EUR 20,12 9 gebraucht ab EUR 2,93
Jeder kann Kindle Bücher lesen — selbst ohne ein Kindle-Gerät — mit der KOSTENFREIEN Kindle App für Smartphones, Tablets und Computer.




Describes how to build secure Ajax applications and how to prevent and respond to a security attack.

Über den Autor und weitere Mitwirkende

Christopher Wells has deployed security solutions for major healthcare, telecommunication, and financial industries, and is currently employed as an Information Security Consultant for a major financial institution. He is an accomplished applications security architect with over 10 years of application security experience. Christopher holds multiple security certifications including a Certified Information Security Systems Professional (CISSP), and holds a Bachelor degree from the University of Minnesota.

In diesem Buch (Mehr dazu)
Ausgewählte Seiten ansehen
Buchdeckel | Copyright | Inhaltsverzeichnis | Auszug | Stichwortverzeichnis | Rückseite
Hier reinlesen und suchen:


Es gibt noch keine Kundenrezensionen auf
5 Sterne
4 Sterne
3 Sterne
2 Sterne
1 Sterne

Die hilfreichsten Kundenrezensionen auf (beta) 9 Rezensionen
18 von 19 Kunden fanden die folgende Rezension hilfreich
Jack of all trades, master of none 3. August 2007
Von Amazon Customer - Veröffentlicht auf
Format: Taschenbuch
If you are looking for a superficial review of 50 different topics indirectly related to web application security, this is the book for you.

"Securing Ajax Applications" is just all over the place. The topics covered are only tangentially related to AJAX. If you are a programmer looking for ways to harden XHR, you are out of luck.

For example:

The section on "Protecting the Server" owes much of its 30-page length to 1) a tutorial on installing the Ubuntu distribution of Linux, 2) an overview of syslog and its configuration file, and 3) setting up iptables. Yes, that's right, a tutorial on installing Linux in a book on AJAX security. There are even screenshots (plural). I am not kidding: go check out the publisher's web site, this chapter is the sample chapter. While you are there, check out the table of contents and ask yourself if the high-level topic intros presented in those sections will likely make you a programmer of more secure AJAX applications.

I am not exaggerating when I say that it is as if the author amassed a collection of FAQs and blog articles related to general topics in Internet security, and O'Reilly decided that if they bound them together in book form and put "AJAX" in the title, they could sell it for $49.95.

The book could have just as easily been published by Sitepoint with a title like "The Web Site Security Anthology, 50 Things You Need To Know", at 60% of the price.

For $20 cheaper, "Essential PHP Security" (O'Reilly) is better spent money and will actually teach you something useful (even if you are not a PHP developer).
12 von 13 Kunden fanden die folgende Rezension hilfreich
Useless 14. August 2007
Von Dean H. Saxe - Veröffentlicht auf
Format: Taschenbuch
If I wanted a generic web application security book, this might have fit the bill. Barely. The book spends precious little space discussing security with Ajax applications.

I have never been so disappointed with an O'Reilly book with respect to the quality and quantity of information presented.
5 von 5 Kunden fanden die folgende Rezension hilfreich
The title should be "An Introducing To Web Security" 12. Februar 2008
Von Rodrigo Costa - Veröffentlicht auf
Format: Taschenbuch
In its 211 pages, Christopher Wells written a good book with one bad feature: Barely speak about the title-theme. In my opinion, this book is a good guide to start your studies about web security. Its chapters covers issues like web-server security, secure ways to develop your applications, many demonstrations of threat exploits and how to protect your application to them.
My conclusion is: If you want start your studies in Web Security, go on and buy this book. If you already did this and want to learn specifically about AJAX Security, try other book, because this one won't help you so much.
2 von 2 Kunden fanden die folgende Rezension hilfreich
The topic is too vast to be adequately addressed in a little book like this 29. März 2008
Von Robert D. Glover Jr. - Veröffentlicht auf
Format: Taschenbuch Verifizierter Kauf
The author is very smart and very knowledgeable, but the catchy book title is simply too vast a topic to be covered by a small book like this. There is a lot to be learned from this book, but it's mainly general knowledge about a vast array of topics that only vaguely fall under the AJAX category. Like "Javascript: the Good Parts", this book probably requires two or three readings to really appreciate it. Meanwhile, the first reading is not all that illuminating. For example, the samples of web security holes seem contrived and unlikely to occur in real life. Who actually writes a web application that lets the web browser client user choose the name and directory location of the file to download from the server? He even throws his hands up in the course of one topic and concludes there is no actual way to ensure security, given the poor architecture of the enabling technology.
6 von 8 Kunden fanden die folgende Rezension hilfreich
Wow, very disappointed...this is not an AJAX book 20. November 2007
Von .NET Code Monkey - Veröffentlicht auf
Format: Taschenbuch
I was really looking forward to this book as this topic is very important to my job. But there is very little AJAX-specific content. The closest it comes is chapter five that dabbles with JSON a bit.

If you want to secure AJAX applications, you can pass over this title and stick to the basics:

- Learn and apply holistic, defense-in-depth development principles. A great primer for this is Writing Secure Code, Second Edition.

- Dig deeper into web-specific practices--both development and networking/administration. Although a little outdated (references Windows 2000 a lot), the best book I have seen so far is Improving Web Application Security: Threats and Countermeasures.

- Just remember that AJAX is nothing more than using JavaScript at the client to pull back XML from the server, so your weakest points in your application can be hardened with plain 'ole input validation. Validate at the client to ensure you have a properly assembled HTTP request going out. Validate at the server to ensure incoming variables don't break any rules, and XML encode all user input (preferably using Microsoft's free Anti-XSS library) on the way back to the client to avoid cross-site scripting.
Waren diese Rezensionen hilfreich? Wir wollen von Ihnen hören.