What version of MS Anti-XSS are you using?

Question

What version of MS Anti-XSS are you using?

I see version 1.5 and 3.0 beta , but I can’t find version 2. Is this just a stupid version of MS?

Are you using 3.0? Would you recommend this, or should I stick with 1.5?

+4

asp.net versioning asp.net-mvc xss

Lance fisher Jul 01 '09 at 17:53

source share

2 answers

If you decompile , you will see that the basic methods are very simple. It may not be marked “stable,” but frankly, there is nothing special that could be unstable. I’ll talk with 3.0 beta.

+1

Axl Jul 9 '09 at 17:41

source share

Martin buberl · Accepted Answer · 2009-07-09T17:22:14+0000

In general, I would never recommend using software in a production environment that is not marked as stable . I am using version 1.5 and it works pretty well for me.

A few weeks ago, I tested it against the http://ha.ckers.org/xss.html templates and all XSS attacks were identified.

Update

Version 4 of the AntiXSS library is now unavailable (part of the Web Protection Library ), and it is marked as stable and that I am using at the moment until a new stable release arrives.

What version of MS Anti-XSS are you using?

More articles: