Innocent Code: A Security Wake-up Call for Web Programmers

Author Huseby, Sverre
ISBN 0-470-85744-7
Find it WorldCat
Project Gutenberg
Buy it Amazon.com|ca|co.uk
Chapters.ca
AbeBooks
Review

For the most part it's fairly basic, but as an overview of web application security it's very good. It also included a few titbits about encoding-based XSS-type exploits that I had not heard about before. I think I need to spend more time with OWASP...

Notes