31. Block the attacks web apps actually face
Protect web apps from common attacks such as cross-site scripting, SQL injection, cross-site request forgery, broken access control, insecure uploads, and secret leaks. The chapter uses the attacker’s path to show where defenses belong.