- Network protection in our everyday lives is becoming increasingly critical today. Since we cannot live without the Internet, it is important to have a good and security environment for networking. Cross site scripting (XSS) does, however, attack millions of websites. We can use XSS to insert malicious scripting code into apps and then return it to the customer side. If users are using the web browser to visit the injecting place of the malicious script code, it is directly run on the customer machine. The main words of XSS are commonly found in the JavaScript browser or on the server component to filter malicious code. However, it is difficult to collect all keywords in the detecting-list in order to prevent XSS attack. However, it is possible to create various forms of malicious scripting. It is also worthwhile for more people to work on XSS and find more ways to prevent XSS attacks.