Microsoft Cross-Site Scripting (XSS) library is a new library that can be used to lock down your ASP.NET web sites against XSS attacks.
The only caveat is that this library uses the principle of inclusions or “white-listing”. This means that this library is more useful for web sites that need more security and are willing to maintain a "white-list" of safe inputs.
Download it from here
Cross Site Scripting (XSS) is a security vulnerability that potentially enables a malicious user to "inject" code into a user's session with a Web site. Unlike most security vulnerabilities, XSS doesn't apply to any single vendor's products - instead, it can affect any software that runs on a Web server and that doesn't follow defensive programming practices.
Read more about XSS on:
http://www.technicalinfo.net/papers/CSS.html
http://www.microsoft.com/technet/archive/security/news/crssite.mspx?mfr=true
1 commenti:
Ohhh my god, it's truly intresting ;-))))))))))
Post a Comment