News

Contact

New security component: XssSanitizer

June 30, 2021

The XssSanitizer is a small, focused package that allows you to deal with malicious Html and JavaScript that might be injected into your application via user input.

Out of the box, it comes with a standard setup (oXssSanitizerStandard) which should cover most cases for the majority of users. It is however highly configurable, featuring several “sanitize modes” as well as being able to specify what to allow or block.

Why this component?

Within Web Applications, it is often possible for a user to enter freeform text via webforms. This text gets sent to the server, where it is processed further like being saved. Often, this user input is then shown in other parts of the application, like a name, description, biography, reply, etc.

If it is possible for the user to enter freeform text, they can misuse this to enter malicious HTML and JavaScript. If this user input is then shown somewhere else, it opens the door for Cross-Site Scripting (XSS). To combat this, user input needs to be checked and sanitized.

Download the free XSSSANITIZER here

Quicklinks

Resources

Company

Contact us

We'd love to hear from you. If you have any questions or suggestions, please contact us!

FlexLinks

Subscribe to FlexLinks for useful tips and updates. Simply click the button below and be the first to know!

More about Flexlinks Flexlinks signup