Twenty-two years since revealing cross-site scripting attacks: A systematic mapping and a comprehensive survey
Computer Science Review (IF 12.9), Pub Date: 2024-04-23, DOI: 10.1016/j.cosrev.2024.100634
Abdelhakim Hannousse, Salima Yahiouche, Mohamed Cherif Nait-Hamoud

Cross-site scripting (XSS) is one of the major threats menacing the privacy of data and the navigation of trusted web applications. Since its disclosure in late 1999 by Microsoft security engineers, several techniques have been developed with the aim of securing web navigation and protecting web applications against XSS attacks. XSS has been and is still in the top 10 list of web vulnerabilities reported by the Open Web Applications Security Project (OWASP). Consequently, handling XSS attacks has become one of the major concerns of several web security communities. Despite the numerous studies that have been conducted to combat XSS attacks, the attacks continue to rise. This motivates the study of how the interest in XSS attacks has evolved over the years, what has already been achieved to prevent these attacks, and what is missing to restrain their prevalence. In this paper, we conduct a systematic mapping and a comprehensive survey with the aim of answering all these questions. We summarize and categorize existing endeavors that aim to handle XSS attacks and develop XSS-free web applications. The systematic mapping yielded 157 high-quality published studies. By thoroughly analyzing those studies, a comprehensive taxonomy is drawn out outlining various techniques used to prevent, detect, protect, and defend against XSS attacks and vulnerabilities. The study of the literature revealed a remarkable interest bias toward basic (84.71%) and JavaScript (81.63%) XSS attacks as well as a dearth of vulnerability repair mechanisms and tools (only 1.48%). Notably, existing vulnerability detection techniques focus solely on single-page detection, overlooking flaws that may span across multiple pages. Furthermore, the study brought to the forefront the limitations and challenges of existing attack detection and defense techniques concerning machine learning and content-security policies. 
Consequently, we strongly advocate the development of more suitable detection and defense techniques, along with an increased focus on addressing XSS vulnerabilities through effective detection (hybrid solutions) and repair strategies. Additionally, there is a pressing need for more high-quality studies to overcome the limitations of promising approaches such as machine learning and content-security policies while also addressing diverse XSS attacks in different languages. Hopefully, this study can serve as guidance for both the academic and practitioner communities in the development of XSS-free web applications.

Updated: 2024-04-23