Web applications have become an integral part of the daily lives of millions of users. Unfortunately, web applications are also frequently targeted by attackers, and critical vulnerabilities such as Cross-site scripting (XSS) are still common. Conventional approaches for mitigating XSS vulnerabilities include static analysis to locate vulnerabilities in the application's source code and web programming languages or frameworks that are able to automatically generate secure web applications. In particular, these conventional approaches may include static code analysis, dynamic tainting, a combination of dynamic tainting and static analysis, prevention by construction or by design, and enforcement mechanisms that are executed in conjunction the web browser. However, despite these approaches, XSS attacks may be still prevalent in today's web applications.
For example, XSS vulnerabilities may manifest as a failure to preserve the integrity of Hyper Text Markup Language (HTML) documents in the presence of untrusted input to the web applications. An XSS vulnerability may allow an attacker to inject dangerous HTML elements including malicious client-side code. In this context, one approach for preventing the exploitation of XSS vulnerabilities is the sanitization of untrusted data. In this approach, sanitizers are applied to user data such that dangerous constructs cannot be injected into the HTML documents. However, such sanitizers need to be properly placed in their appropriate context as well as in the correct order to operate effectively, which may be considered a difficult task. Another approach to prevent XSS vulnerabilities is the use of output validators. Output validation involves checking whether or not the output of the web application conforms to a certain specification. However, manually applying output validators may be difficult and error prone.