Need Anti-XSS Best Practices

curiouswebster
curiouswebster used Ask the Experts™
on
I need a combination of best practices and a description of how the underlying exploitations of cross site scripting attacks work.

Thanks.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Director of Customer Relations
Commented:
For prevention see this write-up https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet

It includes a link to their write-up on injection theory. https://www.owasp.org/index.php/Injection_Theory

I would also mention their testing guide to your QA team. That is how I found owasp originally and have found them to be a great resource. https://www.owasp.org/index.php/OWASP_Testing_Project
btanExec Consultant
Distinguished Expert 2018
Commented:
OWASP is a good resource and to say that XSS is one of the top 10 vulnerability to watch out. See " How to Prevent "

https://www.owasp.org/index.php/Top_10-2017_A7-Cross-Site_Scripting_(XSS)
curiouswebsterSoftware Engineer

Author

Commented:
thanks

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial