API Extra Security Layer with XSS Protection using Laravel

Cross-site scripts (XSS) attack is where the attacker execute malicious scripts in a web browser of the victim by including malicious code in a legitimate web page or web application. An application is vulnerable to XSS if the application not sanitize user input and output.

So, basically, don’t trust user input!