In the FAQ of information page , you explain why someone use Anti-Cross Site Scripting Library but I really do not understand why?. We always use HTMLENCODE?
In you posting, why not cite the URL of the FAQ page - this would help everybody follow what you are saying.
Click "Mark as Answer" on the post that helped you.
This earns you a point and marks your thread as Resolved so we will all know you have been helped.
FAQ on the correct forum http://forums.asp.net/p/1337412/2699239.aspx#2699239
The Microsoft Anti-Cross Site Scripting Library differs from HTMLEncode method in that it uses the principle of inclusions technique, which first defines a set of valid characters so that anything outside that set is automatically encoded.
Ok Anti-Cross Site scripting library is used as an additional security measure to beef up the website security. It also involved generating a risk matrix and then working out set of valid parameters.
Read about it here with clear examples. Remember you can still use HTMLEncode...
rusgelin
0 Points
1 Post
Why should I use Anti-Cross Site Scripting Library instead of HtmlEncode?
May 06, 2007 08:05 PM|LINK
In the FAQ of information page , you explain why someone use Anti-Cross Site Scripting Library but I really do not understand why?. We always use HTMLENCODE?
TATWORTH
All-Star
72415 Points
14017 Posts
MVP
Re: Why should I use Anti-Cross Site Scripting Library instead of HtmlEncode?
May 06, 2007 08:39 PM|LINK
This earns you a point and marks your thread as Resolved so we will all know you have been helped.
FAQ on the correct forum http://forums.asp.net/p/1337412/2699239.aspx#2699239
e_screw
All-Star
19530 Points
3894 Posts
Re: Why should I use Anti-Cross Site Scripting Library instead of HtmlEncode?
May 26, 2007 11:22 AM|LINK
The Microsoft Anti-Cross Site Scripting Library differs from HTMLEncode method in that it uses the principle of inclusions technique, which first defines a set of valid characters so that anything outside that set is automatically encoded.
Thanks
Electronic Screw
Website||Blog||Dub@i.net
naturehermit
Star
14610 Points
3046 Posts
Re: Why should I use Anti-Cross Site Scripting Library instead of HtmlEncode?
Jun 19, 2007 02:40 PM|LINK
Ok Anti-Cross Site scripting library is used as an additional security measure to beef up the website security. It also involved generating a risk matrix and then working out set of valid parameters.
Read about it here with clear examples. Remember you can still use HTMLEncode...
http://msdn2.microsoft.com/en-us/library/aa973813.aspx