Two Cross Site Scripting Cheat Sheets
I love cheat sheets. They jog my memory about things I need to do or should test for – especially when I have not done it for a while.
From a test perspective, my favorite test value cheat sheet for cross site scripting (XSS) is http://ha.ckers.org/xss.html. If you have not tried out these samples (and variations on the themes) in your own web application, you need to do it now.
From a developer perspective, the XSS Prevention Cheat Sheet from OWASP (Open Web Application Security Project) provides a set of rules to implement.