WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Existing XSS filters

From: "Tim Greer" <chatmaster () charter net>
Date: Fri, 20 Jun 2003 12:36:25 -0700
The Perl module could use a bit of work. A good start, it would be good to
expand on it. Perhaps I'll contact Nick and see if he'd like for me to
contribute (some ideas/code) to it in an effort to get it to the point where
it's a complete solution. I've not checked on the PHP one, want any
assistance?
--
Regards,
Tim Greer  chatmaster () charter net
Server administration, security, programming, consulting.


----- Original Message -----
From: "Ulf Harnhammar" <metaur () operamail com>
To: <webappsec () securityfocus com>
Sent: Friday, June 20, 2003 11:50 AM
Subject: Existing XSS filters



Here are the existing stand-alone open-source XSS filters that I know of:

kses (me, Ulf Harnhammar)
PHP
http://sourceforge.net/projects/kses

XSS filter for PHP4 - the filter from Squirrelmail (Konstantin Riabitsev)
PHP
http://www.mricon.com/html/phpfilter.html

HTML::StripScripts and related CPAN modules (Nick Cleaton)
Perl


http://search.cpan.org/author/NCLEATON/HTML-StripScripts-0.01/StripScripts.p
m


There are also a lot of people who's written some kind of XSS filter

specifically for their project. Some of them are better than others.


Please reply if you know about any other stand-alone, open-source filters.

// Ulf Harnhammar

--
____________________________________________
http://www.operamail.com
Get OperaMail Premium today - USD 29.99/year


Powered by Outblaze
Previous By Date Next
Previous By Thread Next

Current thread: