Quantcast Microsoft Anti-Cross Site Scripting Library V3.1

Microsoft Anti-Cross Site Scripting Library V3.1

by Neon Quach 20. Tháng Chín 2009 02:50
Brief Description
AntiXSS 3.1 helps you to protect your current applications from cross-site scripting attacks, at the same time helping you to protect your legacy application with its Security Runtime Engine

Overview

The Microsoft Anti-Cross Site Scripting Library V3.1 (Anti-XSS V3.1) is an encoding library designed to help developers protect their ASP.NET web-based applications from XSS attacks. It differs from most encoding libraries in that it uses the white-listing technique -- sometimes referred to as the principle of inclusions -- to provide protection against XSS attacks. This approach works by first defining a valid or allowable set of characters, and encodes anything outside this set (invalid characters or potential attacks). The white-listing approach provides several advantages over other encoding schemes. New features in this version of the Microsoft Anti-Cross Site Scripting Library include: - An expanded white list that supports more languages - Performance improvements - Performance data sheets (in the online help) - Support for Shift_JIS encoding for mobile browsers - A sample application - Security Runtime Engine (SRE) HTTP module - HTML Sanitization methods to strip dangerous HTML scripts

Download from Microsoft

Tags:


Categories: xss

dotnetkicks dotnetshoutout dotnetburner servefault fairfeeds pimpthisblog yahoo buzz google buzz
Permalink | Bình luận (0)
blog comments powered by Disqus

About me

I'm currently employed as Software developer at sutrixmedia.com and also a Microsoft Certified Technology Specialist (MCTS), Microsoft Certified Professional Developer (MCPD) in Net Framework 2.0 and 3.5: Web Applications and MCTS .NET Framework 3.5, ADO.NET Applications

Powered by BlogEngine.NET 2.7.0.0 - Eco Theme by n3o Web Designers