Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.


In The Tangled Web, Michal Zalewski, one of the world's top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they're fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security.

Subscriber Reviews

Average Rating: 5 out of 5 rating Based on 4 Ratings

"The best web security book - EVER!" - by Anonymous on 30-MAY-2013
Reviewer Rating: 1 star rating2 star rating3 star rating4 star rating5 star rating
I cannot thank Michal Zalewski for writing this book which I believe is the best web security book ever written. His experience with the Google Chrome team is exceptionally valuable in explaining a very difficult concept of click jacking and embedded iframe attacks. I hope a new edition is written which covers new techniques such as web sockets. Absolutely terrific. I have given away multiple copies of this book. Very valuable in educating developers.
Report as Inappropriate

"Brilliant!" - by Shadowchaser on 14-DEC-2012
Reviewer Rating: 1 star rating2 star rating3 star rating4 star rating5 star rating
While reading this book I've felt like being on great journey. I admire people with such ease of writing about technical matters. The book is the real eye-opener and everybody who's using the web, not only developers, should read it. Simply amazing!
Report as Inappropriate

Table of Contents



The publisher has provided additional content related to this title.


Visit the catalog page for The Tangled Web

  • Catalog Page

Visit the errata page for The Tangled Web

  • Errata