: This paper focuses on the different challenges to design a security typed web scripting language. It uses the type system approach on a simple imperative language that captures a subset of the security typed web language constructs to express the security properties that must be held in the language with respect to its formal semantics to prevent insecure information flow in web application system and hence the common web application security vulnerabilities. As a result we can guarantee that such a language will provide a secure web computing with high impedance to the most important web attacks