How can I protect myself against cross-site scripting (XSS)?

Protecting yourself from cross-site scripting (XSS) attacks requires changes to your website that would normally be easily implemented by a computer scientist or developer (but would be difficult for a non-technical person to implement). These changes include adding Content-Type and X-Content-Type-Options headers to your website and creating a Content Security Policy (CSP).

Please refer to the "Website Security" section of the platform to learn about your protection against cross-site scripting and send the technical report to your web developer to fix any vulnerabilities found.