Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape.In The Tangled Web, Michal Zalewski, one of the world's top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they're fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You'll learn how to:Perform common but surprisingly complex tasks such as URL parsing and HTML sanitization Use modern security features like Strict Transport Security, Content Security Policy, and Cross-Origin Resource Sharing Leverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugs Build mashups and embed gadgets without getting stung by the tricky frame navigation policy Embed or host user-supplied content without running into the trap of content sniffing For quick reference, "Security Engineering Cheat Sheets" at the end of each chapter offer ready solutions to problems you're most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications that stand the test of time.

    Create a tiny virtual environment, called a container, for your application that includes only its particular set of dependencies. The Docker engine accounts for, manages, and builds these containers through functionality provided by the host operating system. Software running inside containers share the Linux OS and other resources, such as libraries, making their footprints radically smaller, and the containerized applications are easy to install, manage, and remove. Developers can package their applications without worrying about environment-specific deployment concerns, and the operations team gets cleaner, more efficient systems across the board. Better still, Docker is free and open source.Docker in Action teaches readers how to create, deploy, and manage applications hosted in Docker containers. The book starts with a clear explanation of the Docker model of virtualization, comparing this approach to the traditional hypervisor model. Developers will learn how to package applications in containers, including specific techniques for testing and distributing applications via Docker Hub and other registries. Readers will learn how to take advantage of the Linux OS features that Docker uses to run programs securely, and how to manage shared resources. Using carefully-designed examples, the book teaches you how to orchestrate containers and applications from installation to removal. Along the way, you'll learn techniques for using Docker on systems ranging from your personal dev-and-test machine to full-scale cloud deployments.

    The long-anticipated revision of this best-selling text offers the most comprehensive, up-to-date introduction to the theory and practice of artificial intelligence. *NEW-Nontechnical learning material-Accompanies each part of the book. *NEW-The Internet as a sample application for intelligent systems-Added in several places including logical agents, planning, and natural language. *NEW-Increased coverage of material - Includes expanded coverage of: default reasoning and truth maintenance systems, including multi-agent/distributed AI and game theory; probabilistic approaches to learning including EM; more detailed descriptions of probabilistic inference algorithms. *NEW-Updated and expanded exercises-75% of the exercises are revised, with 100 new exercises. *NEW-On-line Java software. *Makes it easy for students to do projects on the web using intelligent agents. *A unified, agent-based approach to AI-Organizes the material around the task of building intelligent agents. *Comprehensive, up-to-date coverage-Includes a unified view of the field organized around the rational decision making pa

    This completely revised edition shows you how to master key JavaScript concepts such as functions, closures, objects, prototypes, and promises. It covers APIs such as the DOM, events, and timers. You’ll discover best practice techniques such as testing, and cross-browser development, all taught from the perspective of skilled JavaScript practitioners.

    It was written (and illustrated!) by an all-star team:David Flanagan, bestselling author of programming language "bibles" (including JavaScript: The Definitive Guide and Java in a Nutshell) and committer to the Ruby Subversion repository.Yukihiro "Matz" Matsumoto, creator, designer and lead developer of Ruby and author of Ruby in a Nutshell, which has been expanded and revised to become this book.why the lucky stiff, artist and Ruby programmer extraordinaire. This book begins with a quick-start tutorial to the language, and then explains the language in detail from the bottom up: from lexical and syntactic structure to datatypes to expressions and statements and on through methods, blocks, lambdas, closures, classes and modules. The book also includes a long and thorough introduction to the rich API of the Ruby platform, demonstrating -- with heavily-commented example code -- Ruby's facilities for text processing, numeric manipulation, collections, input/output, networking, and concurrency. An entire chapter is devoted to Ruby's metaprogramming capabilities.The Ruby Programming Language documents the Ruby language definitively but without the formality of a language specification. It is written for experienced programmers who are new to Ruby, and for current Ruby programmers who want to challenge their understanding and increase their mastery of the language.

    Mastering this art will not only make you the most desired developer in the market, but it will transform the craziest deadline into "Consider it done, Sir".

    In this concise book, JavaScript expert Cody Lindley (jQuery Cookbook) provides an accurate view of the language by examining its objects and supporting nuances.Libraries and frameworks help you build web applications quickly and efficiently, but when things go wrong or performance becomes an issue, knowing how and why they work is critical. If you're ready to go under the hood and get your hands dirty with JavaScript internals, this is your book. Get a short and digestible summary of ECMA-262, Edition 3, backed by real code you can run instantly Examine the creation of JavaScript objects Learn complex values, primitive values, scope, and inheritance Understand the importance of the head object Work with string, number, and Boolean objects and values Discover how to use the null value and the built-in math object Get into the details--beyond Mozilla's reference guide for JavaScript 1.5

    Algorithms in a Nutshell describes a large number of existing algorithms for solving a variety of problems, and helps you select and implement the right algorithm for your needs -- with just enough math to let you understand and analyze algorithm performance. With its focus on application, rather than theory, this book provides efficient code solutions in several programming languages that you can easily adapt to a specific project. Each major algorithm is presented in the style of a design pattern that includes information to help you understand why and when the algorithm is appropriate. With this book, you will:Solve a particular coding problem or improve on the performance of an existing solutionQuickly locate algorithms that relate to the problems you want to solve, and determine why a particular algorithm is the right one to useGet algorithmic solutions in C, C++, Java, and Ruby with implementation tipsLearn the expected performance of an algorithm, and the conditions it needs to perform at its bestDiscover the impact that similar design decisions have on different algorithmsLearn advanced data structures to improve the efficiency of algorithmsWith Algorithms in a Nutshell, you'll learn how to improve the performance of key algorithms essential for the success of your software applications.

    Git permits virtually an infinite variety of methods for development and collaboration. Created by Linus Torvalds to manage development of the Linux kernel, it's become the principal tool for distributed version control. But Git's flexibility also means that some users don't understand how to use it to their best advantage. Version Control with Git offers tutorials on the most effective ways to use it, as well as friendly yet rigorous advice to help you navigate Git's many functions. With this book, you will:Learn how to use Git in several real-world development environments Gain insight into Git's common-use cases, initial tasks, and basic functions Understand how to use Git for both centralized and distributed version control Use Git to manage patches, diffs, merges, and conflicts Acquire advanced techniques such as rebasing, hooks, and ways to handle submodules (subprojects) Learn how to use Git with Subversion Git has earned the respect of developers around the world. Find out how you can benefit from this amazing tool with Version Control with Git.

    It brings together all the knowledge needed to write any program, use any standard or third-party Python 3 library, and create new library modules of your own.

    This book makes it easy From how to install and run Java to understanding classes and objects and juggling values with arrays and collections, you will get up to speed on the new features of Java 6 in no time.Discover how toUse object-oriented programmingWork with the changes in Java 6 and JDK 6Save time by reusing codeMix Java and Javascript with the new scripting toolsTroubleshoot code problems and fix bugsAll on the bonus CD-ROMCustom build of JCreator and all the code files used in the bookBonus chapters not included in the bookTrial version of Jindent, WinOne, and NetCaptor freewareSystem Requirements: For details and complete system requirements, see the CD-ROM appendix.Note: CD-ROM/DVD and other supplementary materials are not included as part of eBook file.

    

    But building a popular API with a thriving developer ecosystem is also one of the most challenging. With this practical guide, developers, architects, and tech leads will learn how to navigate complex decisions for designing, scaling, marketing, and evolving interoperable APIs.Authors Brenda Jin, Saurabh Sahni, and Amir Shevat explain API design theory and provide hands-on exercises for building your web API and managing its operation in production. You'll also learn how to build and maintain a following of app developers. This book includes expert advice, worksheets, checklists, and case studies from companies including Slack, Stripe, Facebook, Microsoft, Cloudinary, Oracle, and GitHub.Get an overview of request-response and event-driven API design paradigmsLearn best practices for designing an API that meets the needs of your usersUse a template to create an API design processScale your web API to support a growing number of API calls and use casesRegularly adapt the API to reflect changes to your product or businessProvide developer resources that include API documentation, samples, and tools

    This book follows in the tradition of the first two: It delivers new material, organized in bite-sized Items and grouped into themed sections. Readers of the first two books will find some familiar section themes, now including new material, such as exception safety, generic programming, and optimization and memory management techniques. The books overlap in structure and theme, not in content. This book continues the strong emphasis on generic programming and on using the C++ standard library effectively, including coverage of important template and generic programming techniques. Sutter's goal for this third and final book in his set is to present case studies that pull together themes from the previous books. This book also covers important points presented at the C++ Standard Committee where corrections to the Standard have been discussed and accepted.

    Jon has done a wonderful job of updating the material. I am very impressed at how fresh the new examples seem." - Steve McConnell, author, Code CompleteWhen programmers list their favorite books, Jon Bentley's collection of programming pearls is commonly included among the classics. Just as natural pearls grow from grains of sand that irritate oysters, programming pearls have grown from real problems that have irritated real programmers. With origins beyond solid engineering, in the realm of insight and creativity, Bentley's pearls offer unique and clever solutions to those nagging problems. Illustrated by programs designed as much for fun as for instruction, the book is filled with lucid and witty descriptions of practical programming techniques and fundamental design principles. It is not at all surprising that Programming Pearls has been so highly valued by programmers at every level of experience. In this revision, the first in 14 years, Bentley has substantially updated his essays to reflect current programming methods and environments. In addition, there are three new essays on (1) testing, debugging, and timing; (2) set representations; and (3) string problems. All the original programs have been rewritten, and an equal amount of new code has been generated. Implementations of all the programs, in C or C++, are now available on the Web.What remains the same in this new edition is Bentley's focus on the hard core of programming problems and his delivery of workable solutions to those problems. Whether you are new to Bentley's classic or are revisiting his work for some fresh insight, this book is sure to make your own list of favorites.