XSS prevention in JSP/Servlet web application

Question

How can I prevent XSS attacks in a JSP/Servlet web application?

Answer 1

I would suggest regularly testing for vulnerabilities using an automated tool, and fixing whatever it finds. It's a lot easier to suggest a library to help with a specific vulnerability then for all XSS attacks in general.

Skipfish is an open source tool from Google that I've been investigating: it finds quite a lot of stuff, and seems worth using.