AntiXSS - validate JSON

Mar 3, 2011 at 1:43 AM

My webservice returns JSON and it uses AntiXSS to safeguard against attacks. However, i need a way to automatically validate the output json and ensure that it does not contain any malicious script.

is there a way to do it? can someone point me to a sample code?

Coordinator
Mar 3, 2011 at 3:17 AM

Not something AntiXSS does I'm afraid, however surely if you're using the safer parsers and not using eval you should be ok, unless you're populating tags with it?

Mar 4, 2011 at 9:35 PM

yeah. I am populating tags with it. unfortunately.

I also need to validate XMLs and verify if they have potential scripts. any way to do it?  :'(

Coordinator
Mar 14, 2011 at 10:11 PM

That's something I'd be uncomfortable addressing, it's way too wide an area to advise safely on I'm afraid.

Mar 17, 2011 at 6:39 PM

Yup. Looks Like i should try xssprobe. 

May 17, 2013 at 10:33 AM
hey,
Similar to this,I have a restful wcf service,where need to validate JSON and XML against the Xss.Is there anything in AntiXss ???