Do we have any other pattern other than "<\s*script\b[^>]*>[^<]+<\s*/\s*script\s*>" to protect against XSS threat?
Answer by juan.florez · Feb 28, 2018 at 05:06 PM
None of the mentioned regex in this post work for js script injections through the json payload. Although, both work for injections through http headers...
,none of those regex filter js attacks inserted in the json body requests for rest apis