Thursday, December 3, 2009

Filled Under:

Safe Yourself From XSS Attack : Microsoft Anti-Cross Site Scripting Library v3.1Released

Microsoft Anti-XSS library is a utility released by Microsoft for fighting against well known attacks XSS. It runs on a server based on ASP.Net server. It differs from most encoding libraries in that it uses the white-listing technique ,sometimes referred to as the principle of inclusions, to provide protection against XSS attacks.


safe from xss

This approach works by first defining a valid or allowable set of characters, and encodes anything outside this set invalid characters or potential attacks. The white-listing approach provides several advantages over other encoding schemes.

One of the common web application problem today is Cross Site Scripting , Microsoft Anti-Cross Site Scripting Library is a must have tool for security developer , security auditor. using this tool will immediately point you where actually you need to rectify.


BTW its requires .Net Framework for running and web-based applications for working and is released for it only.

New features in version 3.1 of the Microsoft Anti-Cross Site Scripting Library include:

  • An expanded white list that supports more languages
  • Performance improvements
  • Performance data sheets (in the online help)
  • Support for Shift_JIS encoding for mobile browsers
  • A sample application
  • Security Runtime Engine (SRE) HTTP module
  • HTML Sanitization methods to strip dangerous HTML scripts.


blog comments powered by Disqus