owaspantisamy - Project Hosting on Google Code

Code license:	New BSD License
Labels:	Webapplicationsecurity, webappsec, owasp, j2ee, api, xss, cross-sitescripting, csrf, aspectsecurity, i8jesus.com, i8jesus

Show all Featured downloads:
Arshan Dabirsiaghi - Towards Malicious Code Detection and Removal.PDF OWASP Fall 2007 San Jose - Anti Samy.pptx antisamy-bin.1.3.jar antisamy-src.1.3.zip

Show all Featured wiki pages:
Contributors

Links:	OWASP
Blogs:	Author Homepage
Feeds:	Project feeds

People details

Project owners:
	arshan.dabirsiaghi
Project committers:
	jerryhoff, li.jason.c, planetlevel, Mario.Heiderich, jonathan.irving, einnocent

Welcome to the distribution repository for the OWASP AntiSamy project (http://www.owasp.org/index.php/AntiSamy) is a collection of APIs for safely allowing users to supply their own HTML and CSS without exposing the site to XSS vulnerabilities.

The methodology of AntiSamy is unique in that it is built on a positive security model in both the format of the HTML document and the content within the document. It's also unique in that it attempts to help the user tune their input to pass validation in a cooperative spirit, rather than treating users as potential attackers which is how all contemporary security mechanisms work.

-Arshan Dabirsiaghi