Difference between revisions of ".NET AntiXSS Library"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
 
(NOTE:) This content is a work in progress and all contribution is welcome.  Please contact Jeff Knutson ([[User:Jeff Knutson]]) with questions, ideas, corrections, etc.
 
(NOTE:) This content is a work in progress and all contribution is welcome.  Please contact Jeff Knutson ([[User:Jeff Knutson]]) with questions, ideas, corrections, etc.
  
== Problem Overview ==
+
== Overview ==
  
 
Cross site scripting (XSS) continues to show up on the [[Category:OWASP_Top_Ten_Project|OWASP Top Ten Project]] as a top vulnerability.   
 
Cross site scripting (XSS) continues to show up on the [[Category:OWASP_Top_Ten_Project|OWASP Top Ten Project]] as a top vulnerability.   

Revision as of 21:29, 14 April 2014

(NOTE:) This content is a work in progress and all contribution is welcome. Please contact Jeff Knutson (User:Jeff Knutson) with questions, ideas, corrections, etc.

Overview

Cross site scripting (XSS) continues to show up on the as a top vulnerability.

Options

TODO

Now

  • Look at the Microsoft implementations
  • See what work has already been done in the OWASP space for XSS
  • See what other work has been done for XSS (both .NET and other technology stacks)
  • Illustrate vulnerabilities and how to mitigate them (e.g. WebGoat)

Future

  • Dream big here!