Share via


Features of Web Protection Library v1.0

Syed Aslam Basha here from the Information Security Tools team.

WPL v1.0 has got the following features:

  • AntiXSS library (It has got deprecated methods of AntiXSS)
  • Encoder Library (It has got AntiXSS methods provided in the new namespace)
  • Security runtime engine (SRE) configuration editor
  • SRE modules
    • Cross-site scripting protection module
    • SQL injection partial protection module

For more information on usage refer to the my earlier blog posts.

-Syed Aslam Basha ( syedab@microsoft.com )

Microsoft Information Security Tools (IST) Team

Test Lead

Comments

  • Anonymous
    January 15, 2010
    Hi, I have downloaded WPL v1.0 and added 6 dlls to my bin folder of web application.  I would like to use the cross-site scripting http module.  can you please assist me in doing that? I have added <add name="AntiXssModule" type="Microsoft.Security.Application.SecurityRuntimeEngine.AntiXssModule"/> under the HTTP Modules node in web.config but it doesn't recognize the module. Any help will be appreciated. Thanks, -Himanshu Patel him_patel@hotmail.com

  • Anonymous
    January 15, 2010
    Hi Himanshu, Thanks for contacting. Have you referred the blog posts about how to use WPL and configuring SRE. Best Regards, Syed