The Netcraft Toolbar blocks common cross-site scripting attacks, protecting users from coding weaknesses in trusted sites, including the NIST flaw. “That was the first time when a trusted, security-related site generated a Block XSS? message to me,” noted security researcher Juha-Matti Laurio, a frequent contributor to security community resources on the web.
Web programmers can prevent most cross-site scripting attacks by validating form input and potential modifications to URLs, and ensuring that all user data is correctly encoded before it is displayed or stored.
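The two defences named above, input validation (including URL parameters a visitor can modify) and encoding at output time, are sketched below as an added example; it is not code from Netcraft or NIST. The page, the parameter names `q` and `return`, and the allow-list policy are hypothetical.

```python
import html
import re
from urllib.parse import parse_qs, quote, urlsplit

# Constructed policy for this example: search terms are short and limited
# to ASCII letters, digits, underscore, space and a few punctuation marks.
SEARCH_TERM = re.compile(r"[\w .,'-]{1,64}", re.ASCII)


def validate_term(raw):
    """Allow-list validation: return the term, or None if it is rejected."""
    return raw if SEARCH_TERM.fullmatch(raw) else None


def safe_return_path(raw):
    """Accept only a same-site absolute path for the 'return' link.

    Anything carrying a scheme or host (javascript:, //host, https://...)
    or a backslash falls back to "/". Query and fragment are dropped.
    """
    parts = urlsplit(raw)
    if parts.scheme or parts.netloc or "\\" in raw or not parts.path.startswith("/"):
        return "/"
    return quote(parts.path, safe="/")


def render_results(query_string):
    """Build the results fragment from a raw query string."""
    params = parse_qs(query_string, keep_blank_values=True)
    term = validate_term(params.get("q", [""])[0])
    back = safe_return_path(params.get("return", ["/"])[0])

    if term is None:
        # Rejected input is never echoed back, not even in the error text.
        body = "<p>Invalid search term.</p>"
    else:
        # Encode at output time even though validation passed: the
        # allow-list permits "'", which matters inside HTML attributes.
        body = "<p>Results for <b>{}</b></p>".format(html.escape(term, quote=True))
    link = '<a href="{}">Back</a>'.format(html.escape(back, quote=True))
    return body + link
```

Validation and encoding are applied independently here, so a gap in one is still covered by the other.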