Which of the following is one of the most effective ways to prevent Cross-site Scripting (XSS) flaws in software applications?
A. Validate
and escape all information sent to a server
B. Use security policies and procedures to define and implement proper security settings
C. Verify access right before allowing access to protected information and UI controls
D. Use digital certificates to
authenticate a server prior to sending data
Contextual output encoding/escaping could be used as the primary defense mechanism to stop Cross-site Scripting (XSS) attacks.
References: