What is Microsoft Anti-Cross Site Scripting Library (Anti XSS)?
AntiXSS 3.1 helps you to protect your current applications from cross-site scripting attacks, at the same time helping you to protect your legacy application with its Security Runtime Engine.
The Microsoft Anti-Cross Site Scripting Library V3.1 (Anti-XSS) is an encoding library designed to help developers protect their ASP.NET web-based applications from XSS attacks. It differs from most encoding libraries in that it uses the white-listing technique — sometimes referred to as the principle of inclusions — to provide protection against XSS attacks. This approach works by first defining a valid or allowable set of characters, and encodes anything outside this set invalid characters or potential attacks. The white-listing approach provides several advantages over other encoding schemes.
New features in this version of the Microsoft Anti-Cross Site Scripting Library include: – An expanded white list that supports more languages – Performance improvements – Performance data sheets in the online help and Support for Shift_JIS encoding for mobile browsers . A sample application – Security Runtime Engine (SRE) HTTP module – HTML Sanitization methods to strip dangerous HTML scripts.
One of the common web application problem today is Cross Site Scripting , Microsoft Anti-Cross Site Scripting Library is a must have tool for security developer , security auditor. using this tool will immediately point you where actually you need to rectify.
How to install?
Nothing complicated. Install the package by running the self-extracting executable file. This will create a directory structure containing the library and samples.
Pre-requisites:
.NET Framework 2.0
Operating systems Supported:
Windows 2000;
Windows Server 2003;
Windows Server 2008;
Windows Vista; Windows XP;
Windows XP 64-bit
Download Microsoft Anti-Cross Site Scripting Library here
You must log in to post a comment.