Paper Title
Securing Web Applications Against Cross-Site Scripting

Using Web applications becomes more popular, and this raises many security threats against them. One of the most common and dangerous threats is the Cross Site-Scripting (XSS). XSS scripts can be executed on web browsers as a result of a request generated by the user and processed by the server. The main objective of this research is to identify if the defensive mechanism against XSS is provided by popular browsers or not. In addition, it proposes a technique to prevent XSS attacks. This technique is based on validating the user input against malicious string used by the attackers. Results show that some browsers have defensive mechanism against simple cross site scripts while complex cross site scripts cannot be blocked by the browsers. Moreover, the proposed technique verifies the feasibility and practicality of the protection mechanism against persistent XSS attacks. Keywords— Cross-Site Scripting (XSS) Attack, Web Applications, Web Security, Security Threats.