How to use C# to sanitize input on an html page?

We are using the HtmlSanitizer .Net library, which:

- Is open-source (MIT) – GitHub link
- Is fully customizable, e.g. configure which elements should be removed. See wiki
- Is actively maintained
- Doesn’t have the problems like Microsoft Anti-XSS library
- Is unit tested with the OWASP XSS Filter Evasion Cheat Sheet
- Is special built for this (in contrast … Read more

What is the difference between AntiXss.HtmlEncode and HttpUtility.HtmlEncode?

I don’t have an answer specifically to your question, but I would like to point out that the white list vs black list approach is not just “nice”. It’s important. Very important. When it comes to security, every little thing is important. Remember that with cross-site scripting and cross-site request forgery, even if your site … Read more
