Question
Which of the following is an effective countermeasure
against Cross-Site Scripting (XSS) attacks in a web application?Solution
Detailed Explanation:Cross-Site Scripting (XSS) is a vulnerability where attackers inject malicious scripts into websites that are executed in the context of the user’s browser. The primary way to prevent XSS attacks is by implementing input validation to ensure that user-provided data does not contain malicious content and output encoding to neutralize special characters (e.g., <, >, &) before displaying them on web pages.
- Input validation ensures that data conforms to expected formats (e.g., alphanumeric for usernames) and blocks inputs containing dangerous characters or scripts.
- Output encoding modifies potentially harmful content so that it is treated as data rather than executable code. For example, encoding