- ホーム
- > 洋書
Full Description
HTML5 is fast becoming one of the most popular technologies for creating highly responsive and complex content-driven web applications today. With the introduction of new APIs such as Web Workers, Geolocation, Web Storage, WebSockets, Cross-Document Messaging and Application Cache, this technology has been adopted by many development teams to create applications that provide features previously only possible in thick-client applications. It is also one of the leading candidates for cross-platform mobile application development. This means that it is also one of the most popular targets for attack. The addition of these complex and feature-rich APIs increases the potential attack surface of your applications, giving smart hackers more opportunities for reaching your private data. Although the W3C have given more consideration to security issues while defining the HTML5 standard than with previous HTML iterations, it is still very possible to introduce security flaws in your web applications with improper use of these APIs.The Definite Guide to HTML5 Security details these security and privacy flaws that arise due to the insecure implementation of the HTML5 APIs and provides methods to secure your applications and websites against them. The Definitive Guide to HTML5 Security: Introduces you to the potential security and privacy flaws that may occur due to insecure implementation of the various HTML5 APIs.* Provides information that will help you make the right security decisions while designing and conceptualizing various application components.* Provides detailed examples and walkthroughs, showing ways to implement these features securely.
Contents
Part IFeatures Chapter 2: Identifying the Most Common Web Security Problems Part II: Cross Origin Communication Security Chapter 3: The Evolution of Cross Origin Communication Before HTML5 Chapter 4: Securing Communication with Cross Domain Servers with HTML5 Cross Origin Requests Chapter 5: Securing Client-side Cross Domain Communication with HTML5 Web Messaging Part III: Client-side Storage Chapter 6: The Evolution of Client-side Storage Before HTML5 Chapter 7: Security Considerations when Storing Client-side Data with HTML5 Web Storage Chapter 8: Avoiding SQL Injections and Other Risks with HTML5 Client-side Databases Part IV: New Communication Methods Chapter 9: Securely Implementing Real-time Client-Server communication with HTML5 WebSockets Chapter 10: Implementing Secure HTML5 Server-Sent Events Part V: Other Features Chapter 11: Security Considerations When Using Graphics with SVG and CANVAS Chapter 12: Security Considerations When Using Application Cache, Web Workers, and Geolocation Part VI: New Security Features Chapter 13: Securely loading Third-party Content with Sandboxed Frames Chapter 14: Supplementing Security with HTTP Response Headers Part VII: HTML5 For Mobile Chapter 15: Securely Embedding HTML5 in Native Mobile Applications Chapter 16: Developing Secure Hybrid Mobile Applications Part VIII: Tools for Building a Secure Site Chapter 17: Using Content Security Policy to Build Secure Sites Chapter 18: Quick Developer Reference
