Cross-site scripting (XSS) attacks exploit vulnerabilities in Web-based applications that fail to properly validate and/or encode input that is embedded in response data. Malicious users can then inject client-side script into response data causing the unsuspecting user's browser to execute the script...

Recently, I read a well done article about security concerns, and recommendations for securing Web application development, especially AJAX applications. Since Ajax Web applications exist on both the client and the server, they include the following security ...read more