Embodiment relate to systems, methods, and computer storage media for suppressing cross-site scripting in a content delivery system. A request is received for content that includes a scripted item or scripted items. The scripted item is identified within the content. An identifier is associated with the scripted element when the scripted element is an intended scripted element to be associated with the content. The identifier may be a hash value based from a hash function and the scripted item. Prior to communicating the content to a user, the scripted item is identified again to determine if an identifier is associated with the scripted item. If an identifier is associated with the scripted item, the identifier is evaluated to determine if the identifier is appropriate. When the identifier is determined to not be appropriate, the scripted item is prevented from being communicated to a user.