Now that we have seen what an XSS attack is, let's look at some of the ways XSS can be prevented, or at least made significantly harder for an attacker to pull off.
- Sanitize, sanitize, sanitize the input fields, or better, validate them against an allowlist. I can't stress this enough: if developers get this right it stops a large share of XSS payloads before they are ever stored or rendered. Do the validation on both the client and the server, but remember that client-side checks are only a convenience for the user; an attacker bypasses them by sending the request directly, so the server-side check is the one that counts. For example, if the field is an email address, accept only something that matches the shape of an email address and nothing else, and reject anything that fails the check right away rather than trying to clean it up. Note that input validation complements, rather than replaces, encoding the data for the context in which it is output (HTML body, attribute, JavaScript, URL), because free-text fields such as comments cannot be restricted to a safe character set.
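The following is an added example, not code from the original article: a server-side allowlist validator for an email field that rejects anything outside a strict pattern, paired with the HTML encoding that still has to happen when the value is rendered. The regular expression, the `handleSignup` handler and the sample inputs are constructed for illustration.

```javascript
// Added example (not from the original article): strict allowlist
// validation of an email field on the server, plus contextual HTML
// encoding on output. The pattern below is a conservative constructed
// allowlist, not a full RFC 5322 grammar.
const EMAIL_RE = /^[A-Za-z0-9._%+-]{1,64}@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)*\.[A-Za-z]{2,}$/;

// Returns { ok: true, value } for an acceptable address, otherwise
// { ok: false, reason }. Anything that is not clearly an email is rejected;
// nothing is "cleaned" or rewritten.
function validateEmail(value) {
  if (typeof value !== 'string') return { ok: false, reason: 'not a string' };
  const v = value.trim();
  if (v.length === 0 || v.length > 254) return { ok: false, reason: 'bad length' };
  if (!EMAIL_RE.test(v)) return { ok: false, reason: 'not an email address' };
  return { ok: true, value: v };
}

// Encoding for an HTML text or double-quoted attribute context. Validation
// does not make this step optional: the same value may later be placed in
// HTML, and the encoder is what neutralises it there.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
  return String(s).replace(/[&<>"']/g, ch => map[ch]);
}

// Constructed request handler: the field is validated before it is stored
// or rendered, and whatever is rendered is encoded for its HTML context.
function handleSignup(body) {
  const result = validateEmail(body.email);
  if (!result.ok) {
    return { status: 400, html: `<p>Rejected: ${escapeHtml(result.reason)}</p>` };
  }
  return { status: 200, html: `<p>Welcome, ${escapeHtml(result.value)}</p>` };
}

// Constructed sample inputs: two legitimate addresses and two XSS attempts
// smuggled into the email field.
const samples = [
  'alice@example.com',
  'carol+test@mail.example.org',
  '<script>alert(1)</script>@example.com',
  'bob@example.com"><img src=x onerror=alert(1)>',
];

for (const s of samples) {
  const res = handleSignup({ email: s });
  console.log(JSON.stringify(s), '->', res.status, res.html);
}
```

Run it with `node` and compare the two rejected rows with the two accepted ones: the payloads never reach the "welcome" branch, and even the rejection message is encoded before it is placed in HTML.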