"GXP implements a number of useful and interesting
features. My favorite is automatic escaping and quoting of content:
using GXP automatically protects you against a huge range of
cross-site scripting attacks. Another nice feature is validation
(according to document type) of the content you include. For
example, in an HTML document, GXP's compiler will flag things like
unknown and misused elements and attributes."
