What should you do to prevent a DOM-based XSS attack?
A. Validate any input that comes from another Web site
B. Set the HttpOnly flag in cookies
C. Ensure that session IDs are not exposed in a URL
D. Ensure that a different nonce is created for each request
E. None of the other choices
