In a typical Web application a client, such as a browser, interacts with a Web server by exchanging a series of messages that are made up of hypertext transfer protocol (HTTP) requests and responses. An attacker often exploits vulnerabilities that exist in a Web application to launch attacks. Some of the predominant types of attacks against Web applications include Cross-Site Scripting (XSS), SQL Injection (SQL-I), and Cross-Site Request Forgery (CSRF) attacks.