Prevent Script Injection with server side implementation

768 views Asked by At

I am looking for a implementation to secure my application from script injection and stopping from any unwanted operation on client side.

I was wondering for any such solution through which I can check that the user input is not having any malicious content on form submission. Are you having any such implementation or idea that can guide or help me to get rid of this script injection. Will prefer if check will be done on server side as client side are generally less reliable.

1

There are 1 answers

0
ValarDohaeris On

The most recommended solution for this problem is the one using ESAPI js library. I don't remember exactly but it somewhat works like this. When you are taking an input from user do it like this- String js = ESAPI.encoder().encodeForJavaScript(userInput);

For reference us e following link

ESAPI JS