Last post Jun 19, 2007 10:40 AM by naturehermit
May 06, 2007 04:05 PM|rusgelin|LINK
In the FAQ of information page , you explain why someone use Anti-Cross Site Scripting Library but I really do not understand why?. We always use HTMLENCODE?
May 06, 2007 04:39 PM|TATWORTH|LINK
May 26, 2007 07:22 AM|e_screw|LINK
The Microsoft Anti-Cross Site Scripting Library differs from HTMLEncode method in that it uses the principle of inclusions technique, which first defines a set of valid characters so that anything outside that set is automatically encoded.
Jun 19, 2007 10:40 AM|naturehermit|LINK
Ok Anti-Cross Site scripting library is used as an additional security measure to beef up the website security. It also involved generating a risk matrix and then working out set of valid parameters.
Read about it here with clear examples. Remember you can still use HTMLEncode...