Abstract
Among the Web application vulnerabilities Cross Site Scripting attack is most common attack. It is a kind of attack in which the intruder can able to change the entire code of the process by hooking unnecessary data along with the code of data. It becomes a challenging issue to sanitize every user query form through which the malicious code would be hooked. In this paper a method is proposed, by which the Cross site scripting attack on web applications will be considerably reduced. The proposed method provides single solution to various kinds of attacks that is created by the attackers. The main objective is to prevent the attack, by incorporating the data dictionary along with the client side scripting rather than separate arrangement. Our approach is examined with real web application and results are evaluated. From the experimental results it is analyzed that by using the method, it does not need a very long rule generation or separate data dictionary. This method reduces time complexity, without random generation of input values. The implementation shows that the proposed method works well for the real time cross site scripting attacks.