For years, (security aware) software developers were using OWASP ESAPI (Enterprise Security API) as a security framework to validate input/output to prevent Cross Site Scripting (XSS). Although it supports Java, Python, PHP and .NET among the others, only Java toolkit is mature enough to be used by the enterprises in production environment. |
Now .NET users have Microsoft Anti-Cross Site Scripting Library to help protect applications from XSS attacks. In addition, enterprises may find Security Runtime Engine very useful since it has the ability to protect legacy applications from XSS attacks without having to change too much code. |
Thursday, September 3, 2009
AntiXSS v3.0
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment