A: Whether or not XSS attacks can be completely eliminated might be open for debate. However, just like SQL Injection, XSS vulnerabilities can be greatly reduced by properly sanitizing input data. Only allow the specific input data requested. Sometimes this is not enough to prevent XSS attacks. Proper cookie security is another issue that needs to be addressed. Click here for a reference to other techniques for preventing XSS attacks.
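The points in the answer above, sketched with the Python standard library as an added example (not code from the original page): an allow-list check for one field, output encoding for free text where an allow-list is not enough, and a session cookie with restrictive attributes. The field name, the pattern, and the choice of `HttpOnly`, `Secure` and `SameSite` as what "proper cookie security" means are assumptions made for illustration.

```python
import html
import re
from http.cookies import SimpleCookie

# Hypothetical "username" field: accept only the characters the form asks for.
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{3,20}")


def validate_username(value):
    """Return the value if it matches the allow-list, otherwise None.

    fullmatch() is used instead of match() with '$', because '$' would
    also accept a trailing newline.
    """
    return value if USERNAME_RE.fullmatch(value) else None


def render_comment(text):
    """Free text cannot be allow-listed tightly, so encode it on output."""
    return "<p>" + html.escape(text, quote=True) + "</p>"


def session_cookie_header(session_id):
    """Build a Set-Cookie value for the session identifier.

    HttpOnly keeps page script from reading the cookie, Secure limits it
    to HTTPS, and SameSite=Strict keeps it off cross-site requests.
    """
    cookie = SimpleCookie()
    cookie["session"] = session_id
    cookie["session"]["httponly"] = True
    cookie["session"]["secure"] = True
    cookie["session"]["samesite"] = "Strict"
    cookie["session"]["path"] = "/"
    return cookie["session"].OutputString()


if __name__ == "__main__":
    # Constructed sample inputs.
    for candidate in ["alice_01", "<script>alert(1)</script>", "bob\n"]:
        print(repr(candidate), "->", validate_username(candidate))
    print(render_comment('<img src=x onerror="alert(1)">'))
    print("Set-Cookie:", session_cookie_header("constructed-session-id"))
```
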