Legacy system, wrap in COM object for vbscript?

Oct 30, 2009 at 3:36 PM

Hi,

A bit of an open subject, but do you think it is possible to wrap the AntiXSS library within a COM object so it is accessible from classic ASP?

The getting of a clean html fragment would be awesome and mind bending to create this from scratch in vbscript.

I was thinking of opening up the library via a webservice, but I don't really want to have the performance penelty.

-thanks

Alex.

Coordinator
Oct 30, 2009 at 4:26 PM

Yes, You can do it. There will be performance implications due to marshaling of objects. But I don’t think the performance would be severely degraded, this is because Anti-XSS library mostly uses strings as parameters and return values.

I would be really interested to see your performance results.

Thanks

Anil

From: alexkey [mailto:notifications@codeplex.com]
Sent: Friday, October 30, 2009 7:37 AM
To: Anil Revuru (INFORMATION SECURITY TOOLS)
Subject: Legacy system, wrap in COM object for vbscript? [AntiXSS:73612]

From: alexkey

Hi,

A bit of an open subject, but do you think it is possible to wrap the AntiXSS library within a COM object so it is accessible from classic ASP?

The getting of a clean html fragment would be awesome and mind bending to create this from scratch in vbscript.

I was thinking of opening up the library via a webservice, but I don't really want to have the performance penelty.

-thanks

Alex.

Read the full discussion online.

To add a post to this discussion, reply to this email (AntiXSS@discussions.codeplex.com)

To start a new discussion for this project, email AntiXSS@discussions.codeplex.com

You are receiving this email because you subscribed to this discussion on CodePlex. You can unsubscribe or change your settings on codePlex.com.

Please note: Images and attachments will be removed from emails. Any posts to this discussion will also be available online at codeplex.com

Oct 30, 2009 at 5:01 PM

Intruiging, thanks Anil.

Nov 6, 2009 at 11:48 AM

After looking in detail about the implications of COM objects (i havn't used them before)... Due to not wanting to mess around with COM object registration etc, I've gone down the route of wrapping AntiXSS in a WCF service, which so far so good and it's working pretty well.