Update on the sanitizer.

Coordinator
Jul 19, 2012 at 6:13 PM

I wanted to update you on the current state of the sanitizer. We're aware of the frustration you're having and I can only apologise. We're still exploring options - I know it's been six months but I've been trying to get a long term solution to the problem rather than patching unwieldy code.

The attempt to find a better solution and the resources to deliver it are still on-going I'm afraid, but it is discussed and pushed for on a regular basis.

I'm sorry that's all I have for you right now.

Aug 22, 2012 at 11:03 PM

Hi,

I recently heard AntiXSS library was included in ASP.NET 4.5 (VS 2012) / .NET 4.5.

Does .NET 4.5 include the latest version of AntiXSS that is overly restrictive?

Thanks,
Brian 

Jan 11, 2013 at 4:31 PM

It's been a year now since the WPL was patched. Do we have any further news on updating the sanitizer?

Jan 30, 2013 at 6:04 PM

Reiterating programmerman's question.  bdorrans, should AntiXss be considered abandoned?  Obviously, .NET 4.5 covers some of the functionality, but (to my knowledge) doesn't have an equivalent to the GetSafeHtmlFragment() method.  Would love to know where things stand, as we have a number of libraries that rely on MWPL.