
CHAPTER 6
Browser Security Principles: Cross-Site Scripting and Cross-Site Request Forgery

We’ll Cover

  • Cross-site scripting
  • Cross-site request forgery

Sometimes the most effective way that an attacker can compromise your application is not to attack the server directly, but instead to attack your users through their web browsers. Browsers have the inherent defense of the same-origin policy to prevent attacks like this, but vulnerabilities present in your code can allow attackers to circumvent that defense. Now that we have a good understanding of the same-origin policy and why it’s so important, it’s time to take a look at two of the most common of those vulnerabilities: cross-site scripting and cross-site request forgery.


  
