Check out Writing Secure Code by Michael Howard and David LeBlanc from Microsoft Press. It's got a lot of good information on secure coding in general as well as a chapter or two specific to web programming. It's a Microsoft book but most of the ideas translate to whatever language you are working in.
Link to Amazon.
Principles to keep in mind if you want your applications to be secure:
There are some excellent books and articles online about making your applications secure:
Train your developers on application security best pratices
Security Compass (paid)
OWASP WebGoat (free)
Many resources are available, some in question are: