"HTML 5 Security" is $4 for 60 pages. It is priced like a standalone short story. And it reads like a full length book. I came away from reading it with three takeaways
1 - lots of info on security
2 - a lot changed in the security space even if you aren't using the new html 5/browser features
3 - scary - some of these attacks are impossible to prevent at the moment
The author explains what XSS and Clickjacking are in case you don't already have that background. But read carefully even if you do. Both attacks have "developed" considerably since I learned about them. Plus now we have to worry about SVG and forms and autocomplete and data storage and ... You get the point. Read the book!
My only disappointment was that CSRF wasn't covered. Granted it didn't change with HTML 5, but too many people still don't know what it is.
This is the second "short story" length book that I've read. I like this one better. It crams more content into the short length. It doesn't waste time with a lengthy intro or other filler.
I'd write more, but I need to go tell some other people to buy this book.
Disclosure: I received a copy of this book from the publisher in exchange for writing this review on behalf of CodeRanch.