HTML: Standard markup language to structure a web page

There are different programming languages that are used in designing websites. The most popular languages are HTML (hypertext markup language), CSS. PHP and JavaScript are programming languages geared toward functionality but can also be used to control the behavior and the look and feel of a website.

HTML stands for Hyper Text Markup Language, which is the most widely used language on Web to develop web pages. Hypertext systems were envisioned as early as 1940 by Vannevar Bush and have a rich history. Tim Berners-Lee and Robert Caillau at CERN, in 1989-1990 developed HTML as a simplification of SGML. CERN launched the web in 1991 (HTML+HTTP).

Hypertext Markup Language is the underlying markup language of the World Wide Web. It’s the common thread that ties together virtually every Web site, from large-scale corporate sites such as Microsoft’s to single-page classroom projects at the local grade school.

Hypertext refers to the way in which Web pages (HTML documents) are linked together. Thus, the link available on a webpage is called Hypertext. A markup language annotates or “marks up” plain text, letting a browser knows how to format that text so it looks good on a Web page.

As its name suggests, HTML is a Markup Language which means the user can use HTML to simply "mark-up" a text document with tags that tell a Web browser how to structure it to display.

The HTML page is actually stored on the computer that is hosting the web site and the page is sent to the user browser.

HTML: Standard markup language to structure a web page

Boilerplate code

Boilerplate refers to written material that is used over and over again, with only slight modification.

Typically, the missing composition operators are emulated by a specific programming style, e.g in terms of design patterns, coding styles or coding idiom, which describe interaction between objects.

<!DOCTYPE html>
<html>
<head>
  <meta charset="UTF-8"/>
  <title></title>
</head>
<body>

</body>
</html>

To emulate compositions within existing languages, design patterns typically require some pieces of code which are application independent but cannot be localized on one module: this refers to code pieces as boilerplate code.

Boilerplate code is a code that necessarily has to be the same or close to the same by virtue of the way it needs to be used.
Boilerplate code

Cross-site scripting

The Cross Site scripting is one of the problems that have plagued a lot of websites. Cross site scripting or XSS, is a term for a category of security issues in which an attacker injects HTML tags or scripts into a target website.

Cross-site scripting vulnerabilities date back to 1996 during the early days of the World Wide Web. A time when e-commerce began to take off, the bubble days of Netscape, Yahoo and the obnoxious blink tag.

In December 1999, David Ross was working in security response for Internet Explorer at Microsoft. He was inspired by the work of Georgi Guninsky who was at the time finding flaws in Internet Explorers security model.

David demonstrated that web content could expose ‘Script Injection’ effectively by -passing the same security guarantees by passed by Georgi’s Internet Explorer code flaws, but where the fault seemed to exist on the server side instead of the client side Internet Explorer code.

Cross site scripting can be performed by passing scripts in form of:
*TextBox
*Cookies
*Query Strings
*Web application variable
*Session variables

A web page is vulnerable to cross site scripting if it dynamically generates document content and bases that content on user submitted date without first ‘sanitizing’ that data by removing any embedded HTML tags from it.
Cross-site scripting