Web Application Hacker's Handbook by Dafydd Stuttard and Marcus Pinto is the perfect place to start learning about web application security. It is structured in such a way that you can start reading knowing nothing about web technologies, and finish the book having mastered the solid basics of application security.

The initial chapters are related to web technologies, such as how the HTTP protocol works and the latest dynamic technologies for the frontend.

It is not based on OWASP or a well-known methodology, but it includes the same content.