XSS filter to remove all scripts

北恋 2021-01-23 07:54

I am implementing an XSS filter for my web application and also using the ESAPI encoder to sanitise the input.

The patterns I am using are as given below,



        
2 answers
  •  时光说笑
    2021-01-23 08:15

    You can combine ESAPI and JSoup to clear out all the XSS vulnerabilities. I would definitely avoid trying to manually write all the regexes when other libraries are built to handle this for you.

    Here is an XSS filter implementation for Jersey 2.x: How to Modify QueryParam and PathParam in Jersey 2
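
The combination suggested in the answer above, as an added example that is not part of the original thread: jsoup's safelist cleaner for fields that may legitimately contain markup, and ESAPI's encoder for plain-text values at output time. The class and method names are hypothetical; it assumes jsoup 1.14.2 or later (earlier versions name the class `Whitelist`) and an `ESAPI.properties` file on the classpath.

```java
import org.jsoup.Jsoup;
import org.jsoup.nodes.Document;
import org.jsoup.safety.Safelist;
import org.owasp.esapi.ESAPI;

// Hypothetical helper class, not taken from the thread or from either library.
public final class XssSanitizer {

    // Stop jsoup from re-indenting the cleaned markup.
    private static final Document.OutputSettings RAW =
            new Document.OutputSettings().prettyPrint(false);

    private XssSanitizer() {}

    /** Rich-text fields: parse the input as HTML and keep only safelisted markup. */
    public static String cleanRichText(String input) {
        if (input == null) return null;
        // Safelist.basic() keeps simple formatting tags and links with
        // http/https/ftp/mailto URLs. script elements, on* attributes and
        // javascript: URLs are not on the list, so the cleaner drops them.
        return Jsoup.clean(input, "", Safelist.basic(), RAW);
    }

    /** Plain-text values written into an HTML element body. */
    public static String forHtmlBody(String value) {
        return value == null ? "" : ESAPI.encoder().encodeForHTML(value);
    }

    /** Plain-text values written into a quoted HTML attribute. */
    public static String forHtmlAttribute(String value) {
        return value == null ? "" : ESAPI.encoder().encodeForHTMLAttribute(value);
    }

    public static void main(String[] args) {
        // Constructed sample inputs.
        String comment = "<b>hi</b><script>alert(1)</script>"
                + "<a href=\"javascript:alert(2)\" onclick=\"x()\">link</a>";
        String displayName = "<img src=x onerror=alert(3)>Bob";

        // Cleaned output is already HTML: write it as-is, do not encode it again.
        System.out.println(cleanRichText(comment));
        // Plain text is never parsed as markup: encode it for the output context.
        System.out.println("<p>" + forHtmlBody(displayName) + "</p>");
        System.out.println("<input value=\"" + forHtmlAttribute(displayName) + "\">");
    }
}
```

The cleaner's output is HTML with entities already escaped, so passing it through the ESAPI encoder as well would double-encode it; use one path per field depending on whether that field is allowed to carry markup.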
