SOLDES

Jusqu'à -70% sur une sélection d'articles*

Roland Espinoza

Dernière sortie

Finding and Fixing XSS

Cross-site scripting is the most pervasive web security flaw, and Finding and Fixing XSS is your hands-on guide to mastering its detection and remediation. Whether you are a beginner developer or a seasoned pro, this book teaches you how to find reflected and stored XSS in real-world applications-and, crucially, how to write fixes that actually close the vulnerability for good. You will learn to spot XSS in every context: URL parameters, form inputs, JSON responses, and even inside JavaScript strings.
Through practical examples and step-by-step walkthroughs, you will understand why common mitigations like HTML encoding or input validation often fail, and how to implement proper output encoding, content security policies, and secure-by-design patterns. Each chapter builds on the last, moving from simple reflected flaws to complex stored attacks that persist across sessions. The book covers advanced topics such as DOM-based XSS, mutation XSS, and bypassing WAFs, all while emphasizing the mindset of a security engineer who thinks like an attacker.
You will also get a complete toolkit for testing your own applications: browser extensions, fuzzing techniques, and automated scanners-but with the caveat that no tool replaces understanding. Real-world case studies show how XSS was exploited in major breaches, and how the fixes were eventually applied. By the end, you will be able to audit any web application for XSS, write secure code from the start, and explain the risks to non-technical stakeholders.
This is not just a theory book-it is a workbook you will keep open on your desk. Competing titles like [placeholder] and [placeholder] cover XSS superficially, but this book goes deep into the mechanics of the attack and the exact code changes that close it. If you want to stop XSS for good, start here.
Offrir maintenant
Ou planifier dans votre panier

Les livres de Roland Espinoza