Microsoft Anti-Cross Site Scripting Library 3.1

by admin September 16, 2009 at 3:10 pm

The Microsoft Anti-Cross Site Scripting Library V3.1 (Anti-XSS V3.1) is an encoding library designed to help developers protect their ASP.NET web-based applications from XSS attacks. It differs from most encoding libraries in that it uses the white-listing technique — sometimes referred to as the principle of inclusions — to provide protection against XSS attacks. This approach works by first defining a valid or allowable set of characters, and encodes anything outside this set (invalid characters or potential attacks). The white-listing approach provides several advantages over other encoding schemes. New features in this version of the Microsoft Anti-Cross Site Scripting Library include: – An expanded white list that supports more languages – Performance improvements – Performance data sheets (in the online help) – Support for Shift_JIS encoding for mobile browsers – A sample application – Security Runtime Engine (SRE) HTTP module – HTML Sanitization methods to strip dangerous HTML scripts

System Requirements
• Windows 2000; Windows Server 2003; Windows Server 2008; Windows Vista; Windows XP; Windows XP 64-bit
• Microsoft Windows Software: .NET Framework 2.0

Download: Microsoft Anti-Cross Site Scripting Library 3.1