XSS - Cross Site Scripting

To learn about XSS I had googled and found lot of informative sites. Thought of sharing them here, below are the links,

http://ha.ckers.org/xss.html

http://today.java.net/pub/a/today/2005/09/20/handling-web-app-input.html

http://jakarta.apache.org/commons/lang/api-release/index.html

http://www.owasp.org/index.php/Main_Page

http://www.javalobby.org/java/forums/t63294.html


http://weblogs.java.net/blog/gmurray71/archive/2006/09/preventing_cros.html#comments

http://www-128.ibm.com/developerworks/tivoli/library/s-csscript/index.html

http://www.secologic.org/attacks

http://josephoconnell.com/java/xss-html-filter/source/

http://blog.phpdoc.info/archives/13-guid.html

http://www.howtocreate.co.uk/crosssite.html

http://www.linux.com/howtos/Secure-Programs-HOWTO/cross-site-malicious-content.shtml

http://en.wikipedia.org/wiki/Cross_site_scripting

http://www.technicalinfo.net/papers/CSS.html

http://www.w3schools.com/tags/ref_urlencode.asp


http://channel9.msdn.com/wiki/default.aspx/Channel9.HowToPreventCrossSiteScripting

http://java.sys-con.com/read/192434.htm

http://www.onjava.com/pub/a/onjava/2002/12/11/jakartastruts.html

http://www-128.ibm.com/developerworks/java/library/j-hibval.html

http://www.devx.com/Java/Article/29392/0/page/2

http://joelonsoftware.com/articles/Unicode.html

http://shiflett.org/archive/178

http://www.sitepoint.com/blogs/2006/03/15/do-you-know-your-character-encodings/

http://www.developer.com/tech/article.php/1140731

http://www.oreillynet.com/cs/user/view/cs_msg/32734