Here is a welcome addition to a developers toolbox. Well, welcome from the perspective of a security wonk. There is a Visual Studio plugin available that checks your code for cross site scripting (XSS) problems.
From CGI Security:
“One of the biggest, constant problems we’ve seen our enterprise customers deal with and we here at Microsoft have to also contend with is that of the XSS (Cross Site Scripting) bug. It’s very common and unfortunately, still an issue we have to deal with in many web applications. Internally, the ACE Team has been working on several projects to help mitigate and fix these issues, as well as detect them in the code bases that we review so that they can be fixed before going live.
XSSDetect runs as a Visual Studio plug-in and can detect potential XSS issues in managed code. “
A very interesting plugin. Has anyone out there been using this yet?
Read on.
[tags]XSS, Visual Studio Plugin, Safe Coding Practices[/tags]
