anti Xss injection

what is  Xss injection?

Xss taken is one way of value taken invasion (code taken attack) Concept. So the main of XSS Shot is an invasion using HTML value. to create the Anti-SQL taken, we can use the following source:


antixss work ($ data)
{
     $ xss = htmlspecialchars (trim ($ data));
     come again $ xss;
}


From the resource above we see two functions, namely functions htmlspecialchars and reduce, then what is their role?
Htmlspecialchars: helps to ignore the html meta details, eg places modified to% 20, so that when there is an attacker to position html value, it will not be research as HTML meta details, but basically words.
Trim: reduce here helps to remove the position individuality before aspect of the words.