Microsoft Releases New Anti-XSS Tool

Microsoft just released a new Anti-XSS tool that works with .NET Framework 1.0, 1.1 and 2.0. Anytime you echo user input back to the Web Page you are susceptible either persistent or non-persistent cross site scripting attacks.

So what was wrong with using System.Web.HttpUtility.HtmlEncode? Check out my blog entry for more details:

Skip to main content