Microsoft Anti-Cross Site Scripting Library V4.0 (AntiXSS V4.0)

AntiXSS V4.0 is an encoding library designed to help developers protect their ASP.NET web-based apps from XSS attacks. It differs from most encoding libraries in that it uses white-listing technique -- sometimes referred to as the principle of inclusions -- to provide protection against XSS attacks. This approach works by first defining a valid or […]

AntiXSS V4.0 is an encoding library designed to help developers protect their ASP.NET web-based apps from XSS attacks. It differs from most encoding libraries in that it uses white-listing technique -- sometimes referred to as the principle of inclusions -- to provide protection against XSS attacks. This approach works by first defining a valid or allowable set of characters, and encodes anything outside this set (invalid characters or potential attacks). The white-listing approach provides several advantages over other encoding schemes.

New features include: » customizable safe list for HTML and XML encoding » Performance improvements; Support for Medium Trust ASP.NET apps » HTML Named Entity Support » Invalid Unicode detection » Improved Surrogate Character Support for HTML and XML encoding » LDAP Encoding Improvements » application/x-www-form-urlencoded encoding support.

More Info: Download