This is an older, but still relevant question.
We are using the HtmlSanitizer .Net library, which:
- is open-source
- is actively maintained
- doesn’t have the problems like Microsoft Anti-XSS library,
- Is unit tested with the
OWASP XSS Filter Evasion Cheat Sheet - is special built for this (in contrast to HTML Agility Pack, which is a parser)
Also on NuGet