csage (3)
#1
Hi Monsur,

Having just read the sample chapter in order to get a better feel for the book, I thought I'd at least provide some feedback by way of "payment".

In general your writing style is clear, the example code works the way it's described, and the purpose, structure and flow of the chapter are well thought out. So, thumbs up!

Two minor typos:
- in section 1.1.1, first sentence: principle, not principal
- in section 1.5, 2nd paragraph, 2nd sentence: don't exactly line up, not lineup

Also, there is one suggestion I would like to make: To someone who does not have a firm grounding in security or hacking, the example about the rogue site posting to your Facebook wall in section 1.1.1 may not sound plausible without further explanation. Perhaps you could briefly touch on what a user's browser needs to present to the Facebook server in order to be given access during a regular (same-origin) request and thus motivate how it would be easy to set up a drive-by attack if browsers did not block cross-origin requests.

Otherwise, the book looks promising, and I would like to continue reading it. Should I decide not to all the same, that will be purely for lack of time.

Best Wishes,
Christian
monsur.hossain (22)
#2
Re: Chapter 1: minor typos and a suggestion
Thank you for the detailed feedback. I really appreciate it! I will make these changes, and also spend some time trying to improve the FB example. Thanks again!