Consideration Points: Detecting Cross-Site Scripting

Web Application (WA) expands its usages to provide more and more services and it has become one of the most essential communication channels between service providers and the users. To augment the users' experience many web applications are using client side scripting languages such as JavaScript but this growing of JavaScript is increasing serious security vulnerabilities in web application too, such as cross-Site Scripting (XSS). In this paper, the authors survey all the techniques those have been used to detect XSS and arrange a number of analyses to evaluate performances of those methodologies. This paper points major difficulties to detect XSS.