Projects / DeXSS


DeXSS provides a SAX2 parser to help protect against cross-site scripting (XSS) attacks. DeXSS uses TagSoup to parse potentially malformed input, then passes the result through a SAX2 filter pipeline that removes JavaScript from the HTML. You can use the DeXSS parser in place of your existing SAX2 parser, or you can use the DeXSS utility to provide a string-to-string conversion.


Recent releases

  •  11 Jun 2012 22:30

    Release Notes: This release adds a CSS sanitizer, uses the OSBCP CSS Parser, canonizes CSS in @style, and attempts to remove javascript: and expression(). Inline