Web application frameworks are now mature and sophisticated. But are too many developers depending on them too much to provide security for web applications? Sasha Zivojinovic of Context Information Security believes that developers don't always understand how user-provided data is going to be used within the application, and this can make them highly vulnerable.