After my post yesterday about XSS prevention, quite some people tested it and reported me some holes in the script. I made of course the necessary adjustements and now wrote a little wiki article about what the script does and what common exploits are.

Feedback and additions are of course always welcome.