Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Stanford University

CS 253 Web Security

Stanford University via YouTube


This course is a comprehensive overview of web security. The goal is to build an understanding of the most common web attacks and their countermeasures. Given the pervasive insecurity of the modern web landscape, there is a pressing need for programmers and system designers to improve their understanding of web security issues. We'll be covering the fundamentals as well as the state-of-the-art in web security. Topics include: Principles of web security, attacks and countermeasures, the browser security model, web app vulnerabilities, injection, denial-of-service, TLS attacks, privacy, fingerprinting, same-origin policy, cross site scripting, authentication, JavaScript security, emerging threats, defense-in-depth, and techniques for writing secure code. Course projects include writing security exploits, defending insecure web apps, and implementing emerging web standards.


Web Security - Lecture 01 - What is Web Security? HTML & JavaScript Review.
Web Security - Lecture 02 - HTTP, Cookies, Sessions.
Web Security - Lecture 03 - Session Attacks.
Web Security - Lecture 04 - Cross-Site Request Forgery, Same Origin Policy.
Web Security - Lecture 05 - Exceptions to the Same Origin Policy.
Web Security - Lecture 06 - Cross-Site Scripting (XSS).
Web Security - Lecture 07 - Cross-Site Scripting Defenses.
Web Security - Lecture 08 - Fingerprinting and Privacy on the Web - Pete Snyder.
Web Security - Lecture 09 - Denial-of-service, Phishing, Side Channels.
Web Security - Lecture 10 - Code Injection.
Web Security - Lecture 11 - Transport Layer Security.
Web Security - Lecture 12 - HTTPS in the Real World - Emily Stark & Chris Palmer.
Web Security - Lecture 13 - Authentication.
Web Security - Lecture 14 - WebAuthn - The future of user authentication - Lucas Garron.
Web Security - Lecture 16 - Managing security concerns in a large Open Source project - Myles Borins.
Web Security - Lecture 17 - Server security: Safe coding practices.
Web Security - Lecture 18 - Local HTTP server security.
Web Security - Lecture 19 - DNS rebinding attacks.
Web Security - Lecture 20 - Browser architecture, Writing secure code.

Taught by


Related Courses


5.0 rating, based on 1 reviews

Start your review of CS 253 Web Security

  • Solomon Mehiret Jemberie
    I got it more than I expected But i want to get a certificate how can I get it? Thanks!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Never Stop Learning!

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free