Neglect your server-side validation at your peril: without adequate protection your web application will be wide open to a host of malicious attacks: XSS attacks, and SQL/NoSQL injection. After briefly describing each of these threats, we will look at how client side validation and its (significant) limitations, before introducing common types of web attacks (XSS and injections), how you can defend yourself, as well as looking at a few examples