GHERBI, ADEL AMINE2018-02-112018-02-112016http://dspace.univ-msila.dz:8080//xmlui/handle/123456789/2650Cross Site Scripting (XSS) is a common security problem of web applications where anattacker can inject scripting code into the input of the application that is then sent to a user’s web browser. In the web browser, this scripting code is executed and used to transfer sensitive data to a third party. Today’s solutions attempt to prevent XSS on the server side and client side, for example, by inspecting and modifying the data sent to and from the web application. Our presented solution aims to detect XSS attacks on the proxy side by analyzing both the client request and the server response and hashing each found script on the response page to compare this hash with the benign one. If the system detects any content deviation, the script will be blocked, and the XSS type detector will be triggered to eliminate any stored XSS from database. With such way our system does protect both server and client side. As a result, the user has an additional protection layer when surfing websites.enXSS attacks detection, web security, anti-XSS proxy, Cross-Site Scripting.Thesis