Computerworld

W3C approves spec for Web site scripting

Seeking to establish an industry standard for Web site scripting, the World Wide Web Consortium (W3C) on Thursday published the Document Object Model (DOM) Level 2 HTML specification as a W3C ...
heise online

Web-Security: With Content Security Policy against Cross-Site Scripting, Part 2

Cross-site scripting (XSS) remains one of the most common security threats to web applications. Despite advanced protection mechanisms, attackers continue to find new ways to exploit XSS ...