When I look what is possible with Cross-site Scripting (XSS), then I wonder how you can defend your site to any and all of these and future attacks.
Coming from a desktop application and back-end background, the jungle of the web keeps being overwhelming.
–jeroen