Prevention to Cross-site Scripting Attacks: A Survey

With Internet becoming ubiquitous in every aspect of our life, there is an increase in the web applications providing day to day services like banking, shopping, mailing services, news updates, etc. But most of these applications have vulnerabilities or security loopholes like Cross site scripting (XSS), Cross-site request forgery (CSRF), SQL Injection which are being exploited by the hackers for malicious purposes. Hence there is a need for APIs/automated security tools to identify and/or prevent these vulnerabilities before the application goes live. This survey paper focuses on various security tools and prevention methodologies available to mitigate attacks due to Cross-site Scripting (XSS) and Cross-site request forgery (CSRF) vulnerabilities.