CAT.NET reports

Jun 15, 2010 at 11:50 PM

How can we validate that AntiXss module fixes some of the issues reported by CAT.NET? We ran CAT.NET reports with and without the AntiXss module enabled but got the same results.
We use Sample Application provide by AntiXss installation.

Jun 15, 2010 at 11:57 PM

If you specifically code and use the AntiXSS library in your code CAT.NET should be aware of this. If you are using the SRE you are not making any code changes and thus there is nothing for CAT.NET to detect - the errors are still present, it's just the Encoding module of the SRE may correct the output.