Need Anti-XSS Best Practices

I need a combination of best practices and a description of how the underlying exploitations of cross site scripting attacks work.

Thanks.
newbiewebSr. Software EngineerAsked:
Who is Participating?
 
Craig KehlerConnect With a Mentor Director of Customer Service & Community RelationsCommented:
For prevention see this write-up https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet

It includes a link to their write-up on injection theory. https://www.owasp.org/index.php/Injection_Theory

I would also mention their testing guide to your QA team. That is how I found owasp originally and have found them to be a great resource. https://www.owasp.org/index.php/OWASP_Testing_Project
0
 
btanConnect With a Mentor Exec ConsultantCommented:
OWASP is a good resource and to say that XSS is one of the top 10 vulnerability to watch out. See " How to Prevent "

https://www.owasp.org/index.php/Top_10-2017_A7-Cross-Site_Scripting_(XSS)
0
 
newbiewebSr. Software EngineerAuthor Commented:
thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.