DeXSS 1.0.0

DeXSS project provides a SAX2 Parser to help protect against Cross-site scripting (XSS) attacks.

  Add it to your Download Basket!

 Add it to your Watch List!

0/5

Rate it!
send us
an update
LICENSE TYPE:
Academic Free License (AFL) 
USER RATING:
UNRATED
  0.0/5
DEVELOPED BY:
Leigh L. Klotz, Jr
HOMEPAGE:
software.graflex.org
CATEGORY:
ROOT \ Internet \ HTTP (WWW)
DeXSS project provides a SAX2 Parser to help protect against Cross-site scripting (XSS) attacks.

DeXSS uses TagSoup to parse potentially malformed input, followed by a SAX2 filter pipeline to remove JavaScript from HTML.

You can use the DeXSS parser in place of your existing SAX2 parser, or you can use the DeXSS utility to provide a string-to-string conversion.

Requirements:

Tag Soup

How to build

1. Obtain tagsoup-1.1.jar from http://tagsoup.info (If you need to change the TagSoup version, edit the file etc/build/build.properties.)
2. Place it in the dexss-1.0.0 directory
3. Type ant dist docs-api -emacs

How to test

1. Test for false positives

java -classpath tagsoup-1.1.jar:dist/lib/dexss-1.0.0.jar com.xerox.adoc.dexss.Test tests/benign/*.txt

or

java -classpath tagsoup-1.1.jar;dist/lib/dexss-1.0.0.jar com.xerox.adoc.dexss.Test tests/benign/*.txt

2. Test for false negatives

java -classpath tagsoup-1.1.jar:dist/lib/dexss-1.0.0.jar com.xerox.adoc.dexss.Test tests/xss/*.txt

or

java -classpath tagsoup-1.1.jar;dist/lib/dexss-1.0.0.jar com.xerox.adoc.dexss.Test tests/xss/*.txt

Last updated on May 1st, 2007

#SAX2 Parser #remove JavaScript #HTML JavaScript #DeXSS #SAX2 #Parser #remove

Add your review!

SUBMIT