Latest Version of All Browser have the XSS Protection bydefault is Enable .

Protection for ASP.NET

Microsoft Anti-XSS Library .

General Protection:

Input Validation .

Final Protection:

Implement WAF - Web Application Firewall

Thanks

Chandru