Popularity
3.7
Stable
Activity
7.1
Stable
179
22
63

Description

"Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into Web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same origin policy. Cross-site scripting carried out on websites accounted for roughly 84% of all security vulnerabilities documented by Symantec as of 2007." - http://en.wikipedia.org/wiki/Cross-site_scripting

---

NOTES:

1) Use filter_input() - don't use GLOBAL-Array (e.g. $_SESSION, $_GET, $_POST, $_SERVER) directly

2) Use HTML Purifier if you need a more configurable solution

3) Add "Content Security Policy's" -> Introduction to Content Security Policy

4) DO NOT WRITE YOUR OWN REGEX TO PARSE HTML!

5) READ THIS TEXT -> XSS (Cross Site Scripting) Prevention Cheat Sheet

6) TEST THIS TOOL -> Zed Attack Proxy (ZAP)

Code Quality Rank: L3
Monthly Downloads: 23,942
Programming language: PHP
License: MIT License
Tags: Security     Protection     Xss     clean     anti-xss    

AntiXSS alternatives and similar libraries

Based on the "Security" category

Do you think we are missing an alternative of AntiXSS or a related project?

Add another 'Security' Library