XSS Prevention
Prophaze WAF can prevent advanced XSS attacks in the following ways.
- Blocks injection of client side scripts into browsers by attackers which allows them to steal session and cookie data
- Uses Open source lib injection library along with regular expressions
- HTML tag finder
- Style/Script Tag prevention
- JS Fragment prevention (URI)
- CSS Fragment Prevention
- Blocks XSS fingerprints
- Event Handler Block
- Attribute Vector Prevention
- Noscript html injection
- IE filters
- Malformed XSS Filter
- UTF-7 encoding XSS Prevention (IE)
- Disallowed HTML attributes
