I know its hard to find the right gifts for christmas, so here is my recommendation. This book by Mario Heiderich, Christian Matthies, fukami and myself covers everything you ever wanted to know about securing webapplications.
The book is in german and guides you through writing secure webapplications (including flash) giving plenty examples for common problems, how to solve them and how to maintain your webapp. You will also learn everything about encoding and other basics, as well as the german law situation regarding webappsec. In the second part of the book we describe all common vulnerabilites in detail, including XSS, CSRF, SQLi, RCE, LFI and much more.
I can honestly recommend this book for beginners as well as for advanced developers and I’m sure even experts will learn some new tricks. It’s available in the next few days and should not be missing on your wish list !