Share via

Explained – Cross-Site Scripting


Patterns and Practices home

ASP.NET 2.0 Security Videos

J.D. Meier, Keith Brown, Prashant Bansode
Microsoft Corporation

November 2007

This video module shows you how to protect from cross-site scripting issues.


  • Recognize cross-site scripting vulnerabilities.
  • Encode untrusted output with HtmlEncode.
  • Validate input with a regular expression.
  • Use ASP.NET’s built-in cross-site scripting protection mechanism.


The video is a small wmv file streaming / download: