Microsoft Anti-Cross Site Scripting Library V3.0 Beta

Overview

The Microsoft Anti-Cross Site Scripting Library V3.0 (Anti-XSS V3.0) is an encoding library designed to help developers protect their ASP.NET web-based applications from XSS attacks. It differs from most encoding libraries in that it uses the white-listing technique — sometimes referred to as the principle of inclusions — to provide protection against XSS attacks. This approach works by first defining a valid or allowable set of characters, and encodes anything outside this set (invalid characters or potential attacks). The white-listing approach provides several advantages over other encoding schemes. New features in this version of the Microsoft Anti-Cross Site Scripting Library include: – An expanded white list that supports more languages – Performance improvements – Performance data sheets (in the online help) – Support for Shift_JIS encoding for mobile browsers – A sample application – Security Runtime Engine (SRE) HTTP module
 
For more information and to download the Microsoft Anti-Cross Site Scripting Library V3.0 Beta, please visit [http://www.microsoft.com/downloads/details.aspx?FamilyID=051ee83c-5ccf-48ed-8463-02f56a6bfc09&DisplayLang=en]
 
 
 
Posted by: Eric Lam
Location: Canberra/Australia
Category: Microsoft Technologies
Advertisements
This entry was posted in Microsoft Technologies. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s