The Web Security Topics Series

A Web Developer's Guide to Secure Communication

Paperback prices: £7.99 (GBP), $13.99 (USD), €9.99 (EU) – prices at booksellers may vary.

Kindle edition prices approximately: £3.49 (GBP), $5.49 (USD), €4.59 (EU), Rs176 (INR, for customers in India only) – prices may vary, depending on your location.

Lecturers and instructors at recognised educational institutions can obtain a free PDF evaluation copy of this book through a MacAvon Media Lecturer's Account.

A clear guide to the principles of cryptography for Web developers, and to protocols used for securing communication on the World Wide Web, specifically TLS/SSL and HTTPS. Describes the use of public key authentication and public key infrastructure as used by HTTPS. Includes key points and a full glossary of technical terms.

This book is available in paperback, in PDF and as a Kindle edition. You do not need a Kindle device to read Kindle books. Amazon provide free Kindle reading applications for most tablets as well as for Mac OS and Windows.

Code Examples

All the JavaScript code examples featured in this book are available in a repository at Github. Please read the Code Examples page on this site for more details.


There is a stupid bug in Listing 5 on page 35, the transposition cipher. JavaScript arrays are assigned by reference, so this._keys and this._sorted_keys both point to the same array. Using a well-known trick, this can be rectified by replacing line 5 with

  this._sorted_keys = this._keys.slice(0).sort();

The code in the repository has been updated accordingly.

Full Description

Web applications are often entrusted with sensitive data which must be protected in transit between the Web browser and server to prevent its interception. Networks, especially wireless networks, are susceptible to eavesdropping, and precautions must be taken to ensure that it is not possible to read or interfere with data in the event of interception. Care must also be taken that data goes to its intended destination and is not waylaid en route.

Written for professional and student Web developers, this little book provides a clear, non-mathematical introduction to the essentials of cryptography and to the protocols used for securing communication on the World Wide Web, specifically TLS/SSL and HTTPS. Drawing on a thorough understanding of computing principles and many years experience in Web application development, the authors explain both the underlying theory and the available techniques for protecting sensitive data in transit to and from Web applications. The examples focus especially on the requirements of small e-commerce sites. Short working programs written in JavaScript/Node.js are provided throughout the book and via this Web site.

Topics covered include:

Table of Contents