Prevent XSS[Cross-Site Scripting] Attacks

Cross site scripting (also known as XSS) occurs when a web application gathers malicious data from a user. Often attackers will inject JavaScript, VBScript, ActiveX, HTML, or Flash into a vulnerable application to fool a user (Read below for further details) in order to gather data from them Persistent Attack Example <script>document.location=’'</script> Non-Persistent Attack Example http://portal.example/index.php?sessionid=12312312&username=<script>document.location=’'</script> DOM-based Attack Example<script>alert(document.cookie)</script> […]