Together, the fences and visas provide a data "immigration" policy where the authors of a web application can easily specify how data is allowed to enter and exit their application through automated web- based means. These rules can help to prevent unwanted information leak or entry (such as the usual effects of Cross-Site Scripting attacks), as well as similar "loose-origin" vulnerabilities that may not yet be identified. The main benefits realized from our Immigration policy are preventive measures against cross-domain attacks and a relief of burden on web application programmers. Since content restrictions are specified by the web server and enforced by the browser regardless of the data actually served by the website, web application developers need to worry less that their code does the "right thing" with user input. This is especially beneficial as web sites more frequently allow visitors to contribute data in the fashion of the Web 2.0 movement.