This is a shameless information gathering exercise for my own book.

One of the talks I give in the community is an introduction to web site vulnerabilities. Usually during the talk I can see at least two members of the audience go very pale; and this is basic stuff, Cross Site Scripting, SQL Injection, Information Leakage, Cross Site Form Requests and so on.

So, if you can think back to being one, as a beginning web developer (be it ASP.NET or not) what do you feel would be useful information about web security and how to develop securely? I will already be covering the OWASP Top Ten

(And yes this means stackoverflow will be in the acknowledgements list if someone comes up with something I haven't thought of yet!)

It's all done now, and published, thank you all for your responses