Cross-Site Scripting Attack Rule Statement