Securing Ajax Applications and over one million other books are available for Amazon Kindle. Learn more

Quantity:


	Amazon Prime Free Trial required. Sign up when you check out. Learn More

Kindle Edition Read the Kindle edition on Kindle, iPhone, iPad, Android, BlackBerry, PC and Mac.

More Buying Choices

Have one to sell? Sell yours here

Share your own customer images

Publisher: learn how customers can search inside this book.

Start reading Securing Ajax Applications on your Kindle in under a minute.

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Securing Ajax Applications: Ensuring the Safety of the Dynamic Web [Paperback]

Christopher Wells Exe (Author)

2.4 out of 5 stars See all reviews (9 customer reviews) |

List Price:	$49.99
Price:	$36.49 & this item ships for FREE with Super Saver Shipping. Details
Deal Price:
You Save:	$13.50 (27%)
	o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o

In Stock.
Ships from and sold by Amazon.com. Gift-wrap available.

Want it delivered Monday, February 27? Choose One-Day Shipping at checkout. Details

FREE Two-Day Shipping for students on millions of items. Learn more

Formats	Amazon Price		New from	Used from
Kindle Edition	$25.19		--	--
Paperback	$36.49		--	--

Like this book? Find similar titles from O'Reilly and Partners in our O'Reilly Bookstore.

› See more product promotions

Book Description

Publication Date: July 18, 2007 | ISBN-10: 0596529317 | ISBN-13: 978-0596529314 | Edition: 1

Ajax applications should be open yet secure. Far too often security is added as an afterthought. Potential flaws need to be identified and addressed right away. This book explores Ajax and web application security with an eye for dangerous gaps and offers ways that you can plug them before they become a problem. By making security part of the process from the start, you will learn how to build secure Ajax applications and discover how to respond quickly when attacks occur.

Securing Ajax Applications succinctly explains that the same back-and-forth communications that make Ajax so responsive also gives invaders new opportunities to gather data, make creative new requests of your server, and interfere with the communications between you and your customers. This book presents basic security techniques and examines vulnerabilities with JavaScript, XML, JSON, Flash, and other technologies -- vital information that will ultimately save you time and money.

Topics include:

An overview of the evolving web platform, including APIs, feeds, web services and asynchronous messaging
Web security basics, including common vulnerabilities, common cures, state management and session management
How to secure web technologies, such as Ajax, JavaScript, Java applets, Active X controls, plug-ins, Flash and Flex
How to protect your server, including front-line defense, dealing with application servers, PHP and scripting
Vulnerabilities among web standards such as HTTP, XML, JSON, RSS, ATOM, REST, and XDOS
How to secure web services, build secure APIs, and make open mashups secure

Securing Ajax Applications takes on the challenges created by this new generation of web development, and demonstrates why web security isn't just for administrators and back-end programmers any more. It's also for web developers who accept the responsibility that comes with using the new wonders of the Web.

#outer_postBodyPS { display: none; } #psGradient { display: none; } #psPlaceHolder { display: none; } #psExpand { display: none; }

An overview of the evolving web platform, including APIs, feeds, web services and asynchronous messaging
Web security basics, including common vulnerabilities, common cures, state management and session management
How to secure web technologies, such as Ajax, JavaScript, Java applets, Active X controls, plug-ins, Flash and Flex
How to protect your server, including front-line defense, dealing with application servers, PHP and scripting
Vulnerabilities among web standards such as HTTP, XML, JSON, RSS, ATOM, REST, and XDOS
How to secure web services, build secure APIs, and make open mashups secure

Frequently Bought Together

Customers Who Bought This Item Also Bought

Ajax Security by Billy Hoffman
4.9 out of 5 stars (9)

$32.99
JavaScript: The Good Parts by Douglas Crockford
4.1 out of 5 stars (112)

$17.83
Version Control with Git: Powerful Tools and Tech... by Jon Loeliger
4.6 out of 5 stars (19)

$21.29
High Performance JavaScript (Build Faster We... by Nicholas C. Zakas
4.5 out of 5 stars (16)

$23.09
Building Social Web Applications: Establishing Comm... by Gavin Bell
4.4 out of 5 stars (14)

$23.09
Mastering Regular Expressions by Jeffrey E.F. Friedl
4.5 out of 5 stars (146)

$26.99

Editorial Reviews

About the Author

Christopher Wells has deployed security solutions for major healthcare, telecommunication, and financial industries, and is currently employed as an Information Security Consultant for a major financial institution. He is an accomplished applications security architect with over 10 years of application security experience. Christopher holds multiple security certifications including a Certified Information Security Systems Professional (CISSP), and holds a Bachelor degree from the University of Minnesota.

Product Details

Paperback: 256 pages
Publisher: O'Reilly Media; 1 edition (July 18, 2007)
Language: English
ISBN-10: 0596529317
ISBN-13: 978-0596529314
Product Dimensions: 9.2 x 7.1 x 0.6 inches
Shipping Weight: 14.4 ounces (View shipping rates and policies)

Average Customer Review: 2.4 out of 5 stars See all reviews (9 customer reviews)

Amazon Best Sellers Rank: #1,873,791 in Books (See Top 100 in Books)

Would you like to update product info or give feedback on images?

Customer Reviews

9 Reviews

5 star:		(1)
4 star:		(1)
3 star:		(2)
2 star:		(2)
1 star:		(3)

Average Customer Review

2.4 out of 5 stars (9 customer reviews)

Share your thoughts with other customers:

Create your own review

Most Helpful Customer Reviews

17 of 18 people found the following review helpful:

2.0 out of 5 stars Jack of all trades, master of none, August 2, 2007

Evan R (SF Bay Area) - See all my reviews

This review is from: Securing Ajax Applications: Ensuring the Safety of the Dynamic Web (Paperback)

If you are looking for a superficial review of 50 different topics indirectly related to web application security, this is the book for you.

"Securing Ajax Applications" is just all over the place. The topics covered are only tangentially related to AJAX. If you are a programmer looking for ways to harden XHR, you are out of luck.

For example:

The section on "Protecting the Server" owes much of its 30-page length to 1) a tutorial on installing the Ubuntu distribution of Linux, 2) an overview of syslog and its configuration file, and 3) setting up iptables. Yes, that's right, a tutorial on installing Linux in a book on AJAX security. There are even screenshots (plural). I am not kidding: go check out the publisher's web site, this chapter is the sample chapter. While you are there, check out the table of contents and ask yourself if the high-level topic intros presented in those sections will likely make you a programmer of more secure AJAX applications.

I am not exaggerating when I say that it is as if the author amassed a collection of FAQs and blog articles related to general topics in Internet security, and O'Reilly decided that if they bound them together in book form and put "AJAX" in the title, they could sell it for $49.95.

The book could have just as easily been published by Sitepoint with a title like "The Web Site Security Anthology, 50 Things You Need To Know", at 60% of the price.

For $20 cheaper, "Essential PHP Security" (O'Reilly) is better spent money and will actually teach you something useful (even if you are not a PHP developer).

Help other customers find the most helpful reviews

Was this review helpful to you? Yes No

Report abuse | Permalink

Comment Comment (1)

12 of 13 people found the following review helpful:

1.0 out of 5 stars Useless, August 13, 2007

Dean H. Saxe - See all my reviews
(REAL NAME)

This review is from: Securing Ajax Applications: Ensuring the Safety of the Dynamic Web (Paperback)

If I wanted a generic web application security book, this might have fit the bill. Barely. The book spends precious little space discussing security with Ajax applications.

I have never been so disappointed with an O'Reilly book with respect to the quality and quantity of information presented.

Help other customers find the most helpful reviews

Was this review helpful to you? Yes No

Report abuse | Permalink

Comment Comment

5 of 5 people found the following review helpful:

3.0 out of 5 stars The title should be "An Introducing To Web Security", February 12, 2008

Rodrigo Costa (Rio de Janeiro, Brazil) - See all my reviews
(REAL NAME)

This review is from: Securing Ajax Applications: Ensuring the Safety of the Dynamic Web (Paperback)

In its 211 pages, Christopher Wells written a good book with one bad feature: Barely speak about the title-theme. In my opinion, this book is a good guide to start your studies about web security. Its chapters covers issues like web-server security, secure ways to develop your applications, many demonstrations of threat exploits and how to protect your application to them.

My conclusion is: If you want start your studies in Web Security, go on and buy this book. If you already did this and want to learn specifically about AJAX Security, try other book, because this one won't help you so much.

Help other customers find the most helpful reviews

Was this review helpful to you? Yes No

Report abuse | Permalink

Comment Comment

Share your thoughts with other customers: Create your own review

› See all 9 customer reviews...

Most Recent Customer Reviews

2.0 out of 5 stars Where's the Ajax?
Pros: this book makes a decent primer for intro web sec topics

Cons: Minimal Ajax content, meaning this tome was mis-titled.

Published on February 8, 2009 by KageVF

4.0 out of 5 stars Misleading title - little AJAX, more web security. Overall good book.
Okay, first what I liked in this book:

1. not many pages, which means it is psychologically acceptable. ;-)

2. Read more

Published on April 24, 2008 by Amarendra Godbole

3.0 out of 5 stars Too specific a title for content that is far more general in nature...
Since Ajax is such a hot subject right now, I thought the book Securing Ajax Applications by Christopher Wells would be a worthwhile read. Read more

Published on April 19, 2008 by Thomas Duff

1.0 out of 5 stars The topic is too vast to be adequately addressed in a little book like this
The author is very smart and very knowledgeable, but the catchy book title is simply too vast a topic to be covered by a small book like this. Read more

Published on March 29, 2008 by Robert D. Glover Jr.

1.0 out of 5 stars Wow, very disappointed...this is not an AJAX book
I was really looking forward to this book as this topic is very important to my job. But there is very little AJAX-specific content. Read more

Published on November 19, 2007 by .NET Code Monkey

5.0 out of 5 stars Recommended for any library catering to Ajax students and programmers.
Christopher Wells' SECURING AJAX APPLICATIONS makes a startling comment: using Ajax can increase the risks of existing security flaws in a web site. Read more

Published on September 5, 2007 by Midwest Book Review

› See all 9 customer reviews...

What Other Items Do Customers Buy After Viewing This Item?

Ajax Security by Billy Hoffman Paperback
4.9 out of 5 stars (9)

$32.99

High Performance Web Sites: Essential Knowledge for Front-End Engineers by Steve Souders Paperback
4.3 out of 5 stars (46)

$19.79

Ajax: The Definitive Guide by Anthony T. Holdener III Paperback
3.5 out of 5 stars (15)

$31.49

› Explore similar items

Tags Customers Associate with This Product

(What's this?)

Click on a tag to find related items, discussions, and people.

ajax(2)

security(2)

web security(2)

http(1)

software development(1)

web development(1)

Agree with these tags?

.jsOffDisplayBlock { display: block; } .jsOffDisplayInline { display: inline; } .jsOffVisibility { visibility: visible; } .jsOnDisplayBlock { display: none; } .jsOnDisplayNoneBlock { display: block; } .jsOnDisplayNoneInline { display: inline; } .jsOnDisplayInline { display: none; } .jsOnVisibility { visibility: hidden; } .jqOnDisplayBlock { display: none; } .jqOnDisplayInline { display: none; } .jqOnVisibility { visibility: hidden; } .jqOnDisplayNoneBlock { display: block; } .jqOnDisplayNoneInline { display: inline; }

Customer Discussions

This product's forum

Discussion	Replies	Latest Post
No discussions yet

Ask questions, Share opinions, Gain insight

Start a new discussion

Topic:

First post:

Receive e-mail when new posts are made

Prompts for sign-in

Guidelines

Active discussions in related forums

Discussion	Replies	Latest Post
Textbook forum Textbook Buyback	6	2 days ago
Textbook forum What is an a la carte textbook?	3	3 days ago
Textbook forum the book have the student access code?	1	5 days ago
Textbook forum Never buy school textbooks. Download them to your reading device or computer	6	7 days ago
Textbook forum Never Again	35	18 days ago