When a software developer first gets exposed to web security, he will inevitably memorize his first acronym: XSS! It stands for “cross site scripting”, and it is one of the oldest vulnerabilities around.
The best defense is a good offense! See things from your enemy’s point of view! It takes a thief to catch a thief! All great advice, however, it is a bit hard