Is worrying about XSS,CSRF,sql injection, cookie stealing enough to cover web-security?

Question

Web applications on uncompromised computers are vulnerable to XSS,CRSF,sql injection attacks and cookie stealing in unsecure wifi environments.

To prevent those security

Answer 1

It definitely is not enough! There are several other security issues you have to keep in mind when developing a web-app. To get an overview you can use the OWASP Top-Ten

I think this is an very interesting post to read when thinking about web-security: What should a developer know before building a public web site? There is a section about security that contains good links for most of the threats you are facing when developing web-apps.

The most important thing to keep in mind when thinking about security is: Never trust user input!

[I am answering to this "old" question because I think it is always an actual topic.]