Web Security for Developers will teach you how your websites are vulnerable to attack and how to protect them. Each chapter breaks down a major security vulnerability and explores a real-world attack, coupled with plenty of code to show you both the vulnerability and the fix.
You’ll learn how to:
• Protect against SQL injection attacks, malicious JavaScript, and cross-site request forgery
• Add authentication and shape access control to protect accounts
• Lock down user accounts to prevent attacks that rely on guessing passwords, stealing sessions, or escalating privileges
• Implement encryption
• Manage vulnerabilities in legacy code
• Prevent information leaks that disclose vulnerabilities
• Mitigate advanced attacks like malvertising and denial-of-service
As you get stronger at identifying and fixing vulnerabilities, you’ll learn to deploy disciplined, secure code and become a better programmer along the way.