The Tangled Web

An essential read for anyone interested in web security. This book covers many different web technologies and how security issues arise from how they interact - something that I haven't seen covered like this in any other book.

My Rating: yesyesyesyesyes





This book provides many examples of badly constructed HTML, CSS, JavaScript etc. If the book were about how to write any of those languages then those would have to be examples of what not to do. The book isn't about any of those topics though, it is about security and the examples clearly demonstrate how some badly constructed code can create security issues.

Much of what the book covers relates to aspects of the web that have been developed piecemeal over many years and so the author logically starts at the beginning and describes how the various technologies have been developed from the start. The book looks into what the purpose of each technology was, its benefits, its shortcomings, and most importantly how it interacts with the various other web technologies - often in unexpected ways.

While I thought that I new all about a lot of the areas that this book covers, in just about every section the author went beyond what I knew to discuss aspects of the technology that I had never considered. This is definitely a book that I will need to reread.

On a final note, you'll notice that the cons I list for the book are not really about anything wrong with the book itself but are rather two instances where the author states that there appears to be no reason for something where I believe that I know what the reason is.

More Information from the Publisher

go to top

FaceBook Follow
Twitter Follow