Preventing-issues-in-web-UI FAQ?

[Ralf <ralfml () alfray com>]

Hi guys!

Does anyone know of a good concise and exhaustive FAQ regarding the 
common security issues to look for when developping a web UI?

I already tried to look for the ever-classics filtering ../ out of query 
arguments, and the basics of the XSS as explained in The Cross-Scripting 
FAQ.
As a web developper, is there more I can do?
As a (novice) IT and as a geek I feel I'm missing tons of stuff but 
there are limits to whatever my imagination can google.
Basically I need a preventing-issues-in-web-UI-rather-than-fix faq.

R/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html