XSS Notes
What is Cross-Site Scripting?
IE has modified this page to help prevent XSS
How to set Http header X-XSS-Protection