Cross-site scripting

Recommendations

Report a typo

What recommendations should developers follow to protect their web application from XSS attacks?

Select one or more options from the list

Do not use the Content Security Policy on this site. It is out of date.

Use HTTP headers.

If possible, disallow links to other web pages if they do not begin with a whitelist protocol.

Encode the data that the user enters.

___

Create a free account to access the full topic