Before countering XSS, one needs to understand how they work in detail. Understanding the weaknesses of Web applications and what methods attackers use will be important to combating these threats.