XSS Prevention

Prophaze WAF can prevent advanced XSS attacks in the following ways

  • Blocks injection of client side scripts into browsers by attackers which allows them to steal session and cookie data

  • Uses Open source lib injection library along with regular expressions

  • HTML tag finder

  • Style/Script Tag prevention

  • JS Fragment prevention (URI)

  • CSS Fragment Prevention

  • Blocks XSS fingerprints

  • Event Handler Block

  • Attribute Vector Prevention

  • Noscript html injection

  • IE filters

  • Malformed XSS Filter

  • UTF-7 encoding XSS Prevention (IE)

  • Disallowed HTML attributes

PreviousHTTP Response SplittingNextLFI and RFI

Last updated