April 23, 2014 / Andrew

Sanitizing HTML input with .NET

My current project needs to accept HTML input from users. Therefore, it needs to sanitize the input to prevent XSS. The previous owner of this project used Microsoft’s AntiXSS library, which is overzealous. For example, it strips out <ul> and <h1> and <strong> elements.

These are the most helpful things I found. They look very similar to each other.

Hopefully those links will help you too.
