[owasp-antisamy] AntiSamy Alternative Project
jim at manico.net
Fri Nov 2 02:04:25 UTC 2012
I'd like to suggest an alternative OWASP project that serves the same
AppSec need that AntiSamy serves.
Presenting the OWASP Java HTML Sanitizer Project.
This project is very high performance and has only one dependency. It
also passes most of the AntiSamy unit tests.
This project was created by Mike Samuel from Google, a very senior
AppSec control developer. He has been very responsive in fixing bugs
when a reported bug mandates a fix.
AntiSamy has an XML based configuration layer than HTML Sanitizer does
not have as of yet; Mike's project has an API based config layer.
I'm grateful for Arshan's work on AntiSamy. This is not an attack on
his great work. I just want to suggest an alternative open source
OWASP project that may suit your needs for XSS resistant HTML
More information about the Owasp-antisamy