We are having many number of controllers in our application and these controllers are using get and post requests, we want to filter these request from xss issues on application level. Is there any way to do this on application level so if there are any get or post request its gets purified.
We have already parameter binding ,CHtml::purifiers ,Chtml::encode but now want a solution which can pass through any security assessment tool.
Here are some request link examples
GARBAGE STRING given- 0’”()%26%25<ScRiPt%20>dV6E(9559)