Programming in HTML5 with JavaScript and CSS3 — Question 31

You are developing an HTML5 web application that provides a discussion forum for users. When a user registers to access the application, the user enters an email address.
Users can enter data that can result in cross-site scripting (XSS) attacks.
You need to ensure that email input is as secure as possible.
Which two techniques should you use? (Each correct answer presents a complete solution. Choose two.)

Answer options

• A. Remove all nonalphanumeric characters before submitting data.
• B. Use the email tag in forms where the email address is entered.
• C. Display all email addresses inside of an HTML5 ADDRESS element.
• D. Use jQuery validation with a regular expression to ensure that email addresses are valid.
• E. Ensure that all form data is encrypted when it is submitted.

Correct answer: B, D

Explanation

Option B is correct because using the email tag helps to ensure that the input is validated as an email format, enhancing security. Option D is also valid as it ensures that the email addresses entered conform to standard email formats, preventing invalid entries. Options A and C do not address the XSS issue effectively, and while option E is important for data protection, it does not directly secure the email input itself.