Goal
The path to "実践理解!Webアプリケーション セキュリティ"
Here is the reading path leading up to this book, derived from its dependencies and ordered from the fundamentals.
The path so far (2 books)
Why read this first: Authentication, sessions, and cookies all sit on top of HTTP. Grasping HTTP's behavior from first principles first lets you understand structurally where in the protocol the vulnerabilities in Tokumaru's book actually arise.
Why read this first: Once Tokumaru's book has cemented the principles and root fixes, reinforce them with a modern, cross-layer view from browser to server. Widening the scope to supply chain and incident response raises the resolution of your defense.