CRV2 InputValMicrosoftWebProtectionLibrary - Revision history

Michael Hidalgo at 17:41, 19 April 2014

2014-04-19T17:41:47Z

2014-04-19T17:41:32Z

2014-04-19T16:50:46Z

2014-04-19T16:45:29Z

2014-04-19T16:42:34Z

2014-04-19T16:34:08Z

2014-04-19T16:21:05Z

2014-04-19T16:17:11Z

Adding content to AntiXSS library

2014-03-22T16:43:19Z

Created page with "Microsoft Web Protection Library"

New page

Microsoft Web Protection Library

← Older revision		Revision as of 17:41, 19 April 2014
Line 1:		Line 1:
−	===Microsoft Web Protection Library===	+	===Microsoft Web Protection Library (STILL IN DRAFT)===

	Microsoft Web Protection Library or MWPL for short, provides a set of Microsoft .NET assemblies that help you to protect Web applications against Cross Site Scripting (XSS) and SQL Injection attacks. At the heart of MVPL, there are two built-in mechanisms to protect your applications. In one hand there is a library to protect against XSS called AntiXSS Library and in the other hand there is Security Engine Runtime that protects against XSS and SQL Injection attacks.		Microsoft Web Protection Library or MWPL for short, provides a set of Microsoft .NET assemblies that help you to protect Web applications against Cross Site Scripting (XSS) and SQL Injection attacks. At the heart of MVPL, there are two built-in mechanisms to protect your applications. In one hand there is a library to protect against XSS called AntiXSS Library and in the other hand there is Security Engine Runtime that protects against XSS and SQL Injection attacks.

← Older revision		Revision as of 17:41, 19 April 2014
Line 22:		Line 22:

	[[File:AntiXSSNuGet.png]]		[[File:AntiXSSNuGet.png]]
		+
		+
		+	There are some circumstances that you would like to allow some html tags as a part of the user input, for example in a forum or a blog post, you should provide a way that end users can enter some html tags to improve the content.

← Older revision		Revision as of 16:50, 19 April 2014
Line 20:		Line 20:
	===How to get AntiXSS library===		===How to get AntiXSS library===
	MWPL can be found at CodePlex https://wpl.codeplex.com. However, you can get AntiXSS from NuGet https://www.nuget.org/packages?q=AntiXSS. From Visual Studio and by using NuGet plug-in, you can add the library to your application :		MWPL can be found at CodePlex https://wpl.codeplex.com. However, you can get AntiXSS from NuGet https://www.nuget.org/packages?q=AntiXSS. From Visual Studio and by using NuGet plug-in, you can add the library to your application :
		+
		+	[[File:AntiXSSNuGet.png]]

← Older revision		Revision as of 16:45, 19 April 2014
Line 17:		Line 17:
	*Providing a white-list based sanitization		*Providing a white-list based sanitization
	*It sanitizes HTML pages or fragments		*It sanitizes HTML pages or fragments
		+
		+	===How to get AntiXSS library===
		+	MWPL can be found at CodePlex https://wpl.codeplex.com. However, you can get AntiXSS from NuGet https://www.nuget.org/packages?q=AntiXSS. From Visual Studio and by using NuGet plug-in, you can add the library to your application :

@@ Line 1: / Line 1: @@
-Microsoft Web Protection Library
+===Microsoft Web Protection Library===
 Microsoft Web Protection Library or MWPL for short, provides a set of  Microsoft .NET assemblies that help you to protect Web applications against  Cross Site Scripting (XSS) and  SQL Injection attacks. At the heart of MVPL, there are two built-in mechanisms to protect your applications. In one hand there is a library to protect against XSS called AntiXSS Library and in the other hand there is  Security Engine Runtime that protects against XSS and SQL Injection attacks.
-AntiXSS Library V4.2.1
+===AntiXSS Library V4.2.1===
 Microsoft AntiXSS Library helps you to protect against Cross Site Scripting. This library provides encoding functions for input, including HTML attributes, CSS and JavaScript. AntiXSS implements a whitelisting approach, which means that any character that is not part of the white list,is going to be encoded using rules based on the encoding type. Namely, AntiXSS provides two interesting approaches :

← Older revision		Revision as of 16:21, 19 April 2014
Line 2:		Line 2:

	AntiXSS Library V4.2.1		AntiXSS Library V4.2.1
−	Microsoft AntiXSS Library helps you to protect against Cross Site Scripting and SQL Injection vulnerabilities.	+	Microsoft AntiXSS Library helps you to protect against Cross Site Scripting and SQL Injection vulnerabilities. This library provides encoding functions for input, including HTML attributes, CSS and JavaScript. AntiXSS implements a whitelisting approach, which means that any character that is not part of the white list,is going to be encoded using rules based on the encoding type.

← Older revision		Revision as of 16:17, 19 April 2014
Line 1:		Line 1:
	Microsoft Web Protection Library		Microsoft Web Protection Library
		+
		+	AntiXSS Library V4.2.1
		+	Microsoft AntiXSS Library helps you to protect against Cross Site Scripting and SQL Injection vulnerabilities.