Cross-site scripting (XSS) was, is and probably will be the most popular web application vulnerability to exploit—so it’s good news that Google has developed an internal web application security ...