Firefox cross site scripting attacks

[lifewire]

hi
i have heard that cross site scripting is now most popular weapon that used by hacker can any one tell me how much possibility that going to effect Firefox users and how users can avoid such attacks?
thank you

[Snake08]

The Firefox development team is working on a new concept for using the specific Content Security Policy in the famous browser. That approach might make the application more secure and reduce the phenomena of cross site scripting

The Mozilla development team continues to work hard around the Firefox browser to increase the degree of security. The famous Foundation has just released a preview version of the application containing some implementations aimed at reducing the risk for attacks made via the Web The new solution leverages the specific Content Security Policy (CSP) designed to curb the effects of attacks using cross site scripting (XSS).

[Xylon]

CSP allows webmasters and creators of online spaces to place restrictions, useful for example to determine how a website external to access and relate to a given page online. This allows the creation of special lists in which to indicate which scripts can be run and from what sources on a specific website, thus avoiding that the browser can run scripts from unreliable sources or added pages to a user .

[Steve123]

How to prevent cross-site scripting security issues
Dynamically generated HTML pages can introduce security risks if inputs are not validated either on the way in or on the way out. Malicious script can be embedded within input that is submitted to Web pages and appear to browsers as originating from a trusted source.The following list outlines the general approaches to prevent cross-site scripting attacks:

* Encode output based on input parameters.
* Filter input parameters for special characters.
* Filter output based on input parameters for special characters.

check here for more