Microsoft Releases New Anti-XSS Tool


Microsoft just released a new Anti-XSS tool that works with .NET Framework 1.0, 1.1 and 2.0. Anytime you echo user input back to the Web Page you are susceptible either persistent or non-persistent cross site scripting attacks.


So what was wrong with using System.Web.HttpUtility.HtmlEncode? Check out my blog entry for more details:


http://blogs.msdn.com/dansellers/archive/2006/02/16/533846.aspx

Comments (0)

Skip to main content