Exam4Training

Cross-site scripting (XSS) lets attackers inject client-side JavaScripts into a web page viewed by a targeted user.

Cross-site scripting (XSS) lets attackers inject client-side JavaScripts into a web page viewed by a targeted user.

Which encoding will you use in the <isprint> tag to avoid cross site scripting:

<script type="text/javascript"> var data = "<isprint encoding="" value="${unsafeData} "/>"; </script>
A . jsblock
B . jsattribute
C . htmlunquote
D . jshtml

Answer: A

Exit mobile version