[owasp-antisamy] AntiSamy Alternative Project

James Manico jim at manico.net
Fri Nov 2 02:04:25 UTC 2012


AntiSamy users,

I'd like to suggest an alternative OWASP project that serves the same
AppSec need that AntiSamy serves.

Presenting the OWASP Java HTML Sanitizer Project.

https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project

This project is very high performance and has only one dependency. It
also passes most of the AntiSamy unit tests.

This project was created by Mike Samuel from Google, a very senior
AppSec control developer. He has been very responsive in fixing bugs
when a reported bug mandates a fix.

AntiSamy has an XML based configuration layer than HTML Sanitizer does
not have as of yet; Mike's project has an API based config layer.

I'm grateful for Arshan's work on AntiSamy. This is not an attack on
his great work. I just want to suggest an alternative open source
OWASP project that may suit your needs for XSS resistant HTML
Validation.

Aloha,
--
Jim Manico
@Manicode
(808) 652-3805


More information about the Owasp-antisamy mailing list