I'm writing a java class which would be invoked by a servlet filter and which checks for injection attack attempts and XSS for a java web application based on Struts. The Injec
Validating and binding all data is a must. Perform both client-side and server-side validation, because 10% of people turn off JavaScript in their browsers.
Jeff Atwood has a nice blog about the topic that gives you a flavor for its complexity.
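As an added illustration of the server-side half of that advice (this is example code written for this page, not the answerer's or the asker's code), here is a servlet filter that validates every request parameter against a per-parameter allow-list before the request reaches Struts. It defines what a valid value looks like rather than trying to recognise attack strings, which is why it rejects unknown parameter names outright. The parameter names and patterns in `ALLOWED` are assumptions for the example; a real application would list its own. The small `escapeHtml` helper is there because validation alone does not stop XSS: whatever is stored still has to be encoded when it is written back into a page.

```java
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import java.util.regex.Pattern;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Illustrative server-side input validation filter (added example, not from the thread).
 * Every request parameter must match an allow-list pattern for its name; unknown names
 * or malformed values cause a 400 before any Struts action runs.
 */
public class InputValidationFilter implements Filter {

    // Allow-list keyed by parameter name. Names and patterns are hypothetical; they
    // describe what a VALID value looks like, not what an attack looks like.
    private static final Map<String, Pattern> ALLOWED = new HashMap<>();
    static {
        ALLOWED.put("username", Pattern.compile("[A-Za-z0-9_]{3,32}"));
        ALLOWED.put("page",     Pattern.compile("[0-9]{1,6}"));
        ALLOWED.put("comment",  Pattern.compile("[\\p{L}\\p{N} .,!?'\\-]{0,500}"));
    }

    @Override
    public void init(FilterConfig filterConfig) { }

    @Override
    public void destroy() { }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        // Parameters are decoded using the request encoding; fix it before reading them
        // so the container does not fall back to a platform default.
        if (request.getCharacterEncoding() == null) {
            request.setCharacterEncoding("UTF-8");
        }

        String bad = firstInvalidParameter(request.getParameterMap());
        if (bad != null) {
            // Reject early. Report only the parameter NAME; echoing the value back
            // would hand a reflected-XSS vector to the attacker.
            response.sendError(HttpServletResponse.SC_BAD_REQUEST,
                    "Invalid request parameter: " + bad);
            return;
        }
        chain.doFilter(req, res);
    }

    /**
     * Returns the name of the first parameter that is not on the allow-list or whose
     * value(s) fail its pattern, or null when every parameter is acceptable.
     * Pattern.matcher(...).matches() requires the WHOLE value to match, so no anchors
     * are needed and a trailing newline cannot slip past the check.
     */
    static String firstInvalidParameter(Map<String, String[]> params) {
        for (Map.Entry<String, String[]> e : params.entrySet()) {
            Pattern p = ALLOWED.get(e.getKey());
            if (p == null) {
                return e.getKey();            // parameter the application never asked for
            }
            for (String value : e.getValue()) {
                if (value == null || !p.matcher(value).matches()) {
                    return e.getKey();        // value outside the allowed shape
                }
            }
        }
        return null;
    }

    /**
     * Minimal HTML output encoding for the five characters that matter in text/attribute
     * context. Input validation does not replace this: anything rendered into a page
     * still has to be encoded at the point of output.
     */
    static String escapeHtml(String s) {
        StringBuilder sb = new StringBuilder(s.length());
        for (char c : s.toCharArray()) {
            switch (c) {
                case '&':  sb.append("&amp;");  break;
                case '<':  sb.append("&lt;");   break;
                case '>':  sb.append("&gt;");   break;
                case '"':  sb.append("&quot;"); break;
                case '\'': sb.append("&#39;");  break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }
}
```

Register it in web.xml with a `<filter>` and a `<filter-mapping>` that sits ahead of the Struts filter or servlet mapping, so the check runs before request parameters are bound to an action. Since the server never trusts the browser, the client-side checks become a usability feature for the majority who do run JavaScript, while this filter is what actually enforces the rule.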