How to use Microsoft AntiXss 4.x?

Question

I want to use the new version of the AntiXss library from Microsoft. I downloaded it from the Nuget package but I'm not sure where should I go from here. No documentation is provided for the library and all the articles I find on the Web are old. Since a lot has changed and pretty much everything I want to use is marked as deprecated in the library itself, I wonder which is the best way to use this library?

Should I make it my default encoder?
Should I modify all the views to use Microsoft.Security.Application.AntiXss.HtmlEncode() and such?
Both maybe?

Any help would be appreciated.

score 1 · Answer 1 · edited May 23 '17 at 10:31

1

Take a look at this answer to "Why use Microsoft AntiXSS library?" for a hint to get you started.

edited May 23 '17 at 10:31

Community

1
1

answered Apr 08 '15 at 15:22

jpvantuyl

584
10
22

score 0 · Answer 2 · answered May 05 '17 at 23:18

0

using System.Web.Security.AntiXss;

string a = AntiXssEncoder.XmlAttributeEncode(text);

answered May 05 '17 at 23:18

Samer Khatib

9
1

score 0 · Answer 3 · answered Nov 06 '19 at 10:55

0

Regarding Microsoft.Security.Application.AntiXss being deprecated, Microsoft advises to use Microsoft.Security.Application.Encoder instead. It's a static class inside the same library as the AntiXss class.

answered Nov 06 '19 at 10:55

Jamie Butterworth

527
6
11

How to use Microsoft AntiXss 4.x?

3 Answers3