Zebra_Form has integrated cross-site scripting (XSS) prevention mechanism that automatically strips out potentially malicious code from the submitted data, and also features protection against cross-site request forgery (CSRF) attacks. It also prevents automated SPAM posts, out of the box and without relying on CAPTCHA by using honeypots.