AntiSamy – HTML In Web Apps

A big problem right now in web application development is allowing users to add in HTML and then protecting them from malicious javascript. Fortunately, someone is working on this problem and giving the rest of us the results for free.

The “AntiSamy”:http://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project library is named after the samy “worm” that hit MySpace and infected many thousands of pages before it was contained.

The page mentions that there is very little interest from the Rails community on this. I know there are plugins like the “whitelist plugin”:http://agilewebdevelopment.com/plugins/whitelist, but AntiSamy looks at least to be a nice compliment to something like whitelist.

Leave a Reply

Your email address will not be published. Required fields are marked *