阿里巴巴集团web安全标准Ver1.4
Web application security http://en.wikipedia.org/wiki/Web_application_security
Protecting Web Applications and Users
http://www.asd.gov.au/publications/protect/protecting_web_apps.htm#frame
https://www.owasp.org/index.php/Category%3aOWASP_Application_Security_Verification_Standard_Project
http://www.rit.edu/security/sites/rit.edu.security/files/WebStandard-2013.pdf
http://www.columbia.edu/acis/security/articles/support/websecuritysoe.pdf
http://www.w3.org/Security/
https://www.owasp.org/index.php/Category:OWASP_Guide_Project
https://github.com/OWASP/DevGuide
http://stackoverflow.com/questions/549/the-definitive-guide-to-form-based-website-authentication?lq=1
http://security.calpoly.edu/content/standards/web-app-vulnerabilities
