NeatHtml


NeatHtml™ is a highly-portable open source website component that displays untrusted content securely, efficiently, and accessibly. Untrusted content is any content that is not trusted by the website owner (e.g. blog comments, forum posts, or user pages on social networks).

http://neathtml.codeplex.com/





Related Projects

eXlent2k7


eXlent2k7 is a CMS based on the most modern technologies (XHTML 1.1, CSS 2.1, PHP 5 objects, PDO, XML, DOM) with good security (CSRF protection, XSS prevention in template system, JavaScript can be disabled, SQL injection prevention in database class).

XSS-and-CSRF-Examples - Presentation about XSS and CSRF with example code.

csrf - gorilla/csrf provides Cross Site Request Forgery (CSRF) prevention middleware for Go web applications & services


gorilla/csrf is also compatible with middleware 'helper' libraries like Alice and Negroni. ... and then collect the token with csrf.Token(r) in your handlers before passing it to the template, JSON body or HTTP header (see below).

OriginOnly - This is a Firefox addon to demonstrate the cookie flag CSRF prevention mechanism.



php_csrf_demo - PHP CSRF Prevention - Demo App





ctx-csrf - ctx-csrf is Cross Site Request Forgery (CSRF) prevention middleware for older versions of Goji (https://goji


Using the latest version of Goji? The one with support for Go's own request.Context() built-in? gorilla/csrf supports this out of the box, and is the preferred library going forward. This library is designed to work with not just the Goji micro-framework, but any project that satisfies the goji.Handler interface: ServeHTTPC(context.Context, http.ResponseWriter, *http.Request).

CI_SQL_XSS_CSRF - ???????SQL Injection?XSS?CSRF???CodeIgniter???



csrf - Cross Site Request Forgery (CSRF) prevention middleware for Goji (a Go micro-framework)


Goji v2 users: A new version with support for Goji v2 and any other context.Context aware muxes/applications (i.e. not just Goji!) is available in the goji/ctx-csrf repo. This library is designed to work with the Goji micro-framework, which is a simple web framework for Go that is broadly compatible with other parts of the Go ecosystem. It makes use of Goji's web.C request context, which doesn't rely on a global map, and is therefore safe to attach to your top-level router (if you so wish).

ProceXSS


ProceXSS is an ASP.NET HTTP module for detecting and ignoring XSS attacks.

Skookum-csrf


A PHP Kohana 3 module for CSRF prevention. This module includes special handling and sample code for implementation with AJAX requests. Includes user agent validation, timeouts (expiration), and private key salted two-way encryption using mcrypt.

mozilla-OriginOnly


This is a Firefox addon to demonstrate the cookie flag CSRF prevention mechanism.

phpshopcart


Single-page PHP shopping cart script

IIS Secure Parameter Filter (SPF)


SPF is an application security module for Microsoft IIS web servers. SPF provides instant out-of-the-box protection against Parameter Tampering, Cross-Site Scripting (XSS), URL Manipulation, Cross-Site Request Forgery (CSRF), and Session Hijacking/Replay attacks.

WebCastellum


Java-based Open Source WAF (Web Application Firewall) to include inside a web application in order to protect it against attacks like SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), Parameter Manipulation and many more.

dora


Input generation library for value resolution, data persistence, templates, CSRF and protection from XSS.

gae-message-app


Sample code that illustrates Java GAE with protection against XSS and CSRF attacks.

unsyIDS


A simple web IDS that filters XSS, CSRF, SQLi, RFI and LFI; it is also very scalable and efficient.

hackxor


A webapp hacking game, where players must locate and exploit vulnerabilities to progress through the story. Think WebGoat but with a plot and a focus on realism & difficulty. Contains XSS, CSRF, SQLi, ReDoS, DOR, command injection, etc.

GameOver


Training and education about web security

unsign3d-unsyIDS


A simple web IDS that filters XSS, CSRF, SQLi, RFI and LFI; it is also very scalable and efficient.