.NET libraries to sanitize input?

.net security sanitization
TWA picture TWA · Jun 2, 2009 · Viewed 17.1k times · Source

Are there any thoroughly tested .NET libraries out there to sanitize input from things like script/sql injection?

Answer

Tim Scarborough picture Tim Scarborough · Jun 2, 2009

I like to use the Microsoft AntiXSS library. It's free and pretty easy to use.

For SQL injection, I always use parameters. Again, they are easy to use and I don't like trying to escape special characters. It's a recipe for disaster if you ask me.

Related questions

Default SecurityProtocol in .NET 4.5

What is the default security protocol for communicating with servers that support up to TLS 1.2? Will .NET by default, choose the highest security protocol supported on the server side or do I have to explicitly add this line of code: …

Read More
Why is JsonRequestBehavior needed?

Why is Json Request Behavior needed? If I want to restrict the HttpGet requests to my action I can decorate the action with the [HttpPost] attribute Example: [HttpPost] public JsonResult Foo() { return Json("Secrets"); } // Instead of: public JsonResult Foo() { return …

Read More
Convert String to SecureString

How to convert String to SecureString?

Read More