Work place: Institute of Computer Application Technology, Hangzhou Dianzi University, Hangzhou, China, 310018
E-mail: tangzhihua1101@126.com
By Zhihua Tang, Ning Zheng, Ming Xu
DOI: https://doi.org/10.5815/ijem.2012.05.08, Pub. Date: 5 Oct. 2012
Cross-site scripting (XSS) is one of the major threats to the security of web applications. Many techniques have been proposed to prevent XSS. This paper presents an approach to identify cross-site scripting attacks based on URL analysis. The fundamental assumption of our method is that the URL contains a part that can produce a valid JavaScript syntax tree. First, we extract the parameters of the URL to produce a valid JavaScript syntax tree and weight its parsing depth. If its depth exceeds a user-defined threshold, the URL is considered suspicious. Second, for the exception URLs, a second level of defense is formed by analyzing their structure. The experimental results demonstrate that our approach can effectively distinguish most of the malicious URLs from the benign ones.