xss-prevention
XSS Prevention (OWASP A07)
Prevent Cross-Site Scripting attacks by properly encoding output and sanitizing user input.
When to Use
- Displaying user-generated content
- Building dynamic HTML
- Implementing rich text editors
- Rendering markdown or HTML
- Working with URL parameters in pages
- Building search results pages
XSS Types
| Type | Vector | Example |
|---|---|---|
| Reflected | URL parameters | `?search=<script>alert(1)</script>` |
| Stored | Database content | Comment with malicious script |
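
The reflected row above, worked through for a search results page: an added example, not code from this skill, showing the URL parameter rendered without encoding and then encoded for each output context. The function names, the `example.test` base URL and the sample request are assumptions constructed for illustration; the same encoding applies to stored content when it is rendered.

```javascript
// Added example: context-aware output encoding for a search results page.
// All function names are hypothetical; the sample request is constructed.

const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;" };

// Encode for HTML element content and quoted attribute values.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable: the URL parameter is concatenated into markup unchanged.
function renderResultsUnsafe(query) {
  return `<h1>Results for ${query}</h1>`;
}

// Hardened: the same value is encoded for each context it lands in.
function renderResultsSafe(query) {
  const text = escapeHtml(query); // HTML body and quoted attribute contexts
  const link = "/search?search=" + encodeURIComponent(query); // URL component context
  return `<h1>Results for ${text}</h1>` +
         `<input name="search" value="${text}">` +
         `<a href="${escapeHtml(link)}">Permalink</a>`;
}

// Extract the search parameter the way a server-side handler would see it.
function queryFromUrl(url) {
  return new URL(url, "https://example.test").searchParams.get("search") ?? "";
}

// Constructed request using the reflected example from the table.
const sample = queryFromUrl("/results?search=<script>alert(1)</script>");
console.log(renderResultsUnsafe(sample)); // markup contains a live <script> element
console.log(renderResultsSafe(sample));   // markup contains only encoded text
```
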