Which is NOT an ASM protection method for cross site scripting?
Which is NOT an ASM protection method for cross site scripting?
Token injection is typically associated with preventing CSRF (Cross-Site Request Forgery) attacks, not cross-site scripting (XSS). The other options—signatures, URI character set limiting, and parameter character set limiting—are commonly used as protection methods against XSS attacks.
C should be a protection method as well, with reference to CSRT https://support.f5.com/csp/article/K11930