Server based WebApplications now (2004) need to attend to increasingly sophisticated attacks due to CrossSiteScriptingExposure.
XSS is the acronym coined by security practioners to distinguish CrossSiteScripting from CSS which is the term for CascadingStyleSheets.
Reading Material
- MS article in 2000 http://www.microsoft.com/technet/security/news/crssite.mspx
- MS security bulletin http://www.microsoft.com/technet/security/bulletin/MS00-060.mspx
- FAQ from Beyond Security http://www.securiteam.com/securityreviews/5FP000A81E.html
MicrosoftDotNet concerns
MicrosoftChannelNine has this post for code related to AspDotNet at http://channel9.msdn.com/wiki/default.aspx/Channel9.HowToPreventCrossSiteScripting