AntiXSS Microsoft Anti Cross Site Scripting Library

The Microsoft Anti-Cross Site Scripting Library (Anti-XSS) is an encoding library designed to help developers protect their ASP.NET web-based applications from XSS attacks.

This encoding libraries  uses the white-listing technique – sometimes referred to as the principle of inclusions – to provide protection against XSS attacks. This approach works by first defining a valid or allowable set of characters, and encodes anything outside this set.The white-listing approach provides several advantages over other encoding schemes.

New features in version 3.1 of the Microsoft Anti-Cross Site Scripting Library include:

  • An expanded white list that supports more languages
  • Performance improvements
  • Performance data sheets
  • Support for Shift_JIS encoding for mobile browsers
  • A sample application
  • Security Runtime Engine (SRE) HTTP module
  • HTML Sanitization methods to strip dangerous HTML scripts.


Download AntiXSS here

Tags: , ,

Leave a Reply

You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>