Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Syed Aslam Basha here from the Information Security Tools team.
WPL v1.0 has got the following features:
- AntiXSS library (It has got deprecated methods of AntiXSS)
- Encoder Library (It has got AntiXSS methods provided in the new namespace)
- Security runtime engine (SRE) configuration editor
- SRE modules
- Cross-site scripting protection module
- SQL injection partial protection module
For more information on usage refer to the my earlier blog posts.
-Syed Aslam Basha ( syedab@microsoft.com )
Microsoft Information Security Tools (IST) Team
Test Lead
Comments
Anonymous
January 15, 2010
Hi, I have downloaded WPL v1.0 and added 6 dlls to my bin folder of web application. I would like to use the cross-site scripting http module. can you please assist me in doing that? I have added <add name="AntiXssModule" type="Microsoft.Security.Application.SecurityRuntimeEngine.AntiXssModule"/> under the HTTP Modules node in web.config but it doesn't recognize the module. Any help will be appreciated. Thanks, -Himanshu Patel him_patel@hotmail.comAnonymous
January 15, 2010
Hi Himanshu, Thanks for contacting. Have you referred the blog posts about how to use WPL and configuring SRE. Best Regards, Syed