Book Review: Innocent Code: A Security Wake-Up Call for Web Programmers

The book is suitable for educating beginner-to-intermediate web developers and helping them understand security issues in developing applications.

The author explains the basics of the threats involved in handling user input and in output handling. One of the best chapters is "Chapter 8 - Rules of Secure Coding", where he provides summarized facts about secure coding and the false programmer assumptions that break application security.

