[Full-Disclosure] Preventing-issues-in-web-UI FAQ?

[Ralf]

Hi guys!

Does anyone know of a good concise and exhaustive FAQ regarding the 
common security issues to look for when developping a web UI?

I already tried to look for the ever-classics filtering ../ out of query 
arguments, and the basics of the XSS as explained in The Cross-Scripting 
FAQ.
As a web developper, is there more I can do?
As a (novice) IT and as a geek I feel I'm missing tons of stuff but 
there are limits to whatever my imagination can google.
Basically I need a preventing-issues-in-web-UI-rather-than-fix faq.

R/