kri shan wrote:AJAX is server side Java Script implementation.
No, it is not. Ajax is a technique used to send an HTTP request to a server via JavaScript without the need to refresh the browser's page.
kri shan wrote:I guess XSS attack is on the client side Scripting. Am i right ?
You don't know what XSS is and you are asking how to prevent it? I suggest you do some
reading.