This package provides HTML sanitization (to prevent XSS attacks) for the AjaxControlToolkit HtmlEditor extender.
Uses HtmlAgilityPack parser to protect against cross-site scripting by sanitizing HTML text against unrecognized tags and attributes. HTML is matched against defined whitelisted tags and attributes to ensure only known safe markup is allowed.

Basic usage:

    // Inner double quotes are escaped so the literal compiles.
    String inputValue = "<a onclick=\"javascript:alert('Gotcha!');\" href=\"javascript:alert('Gotcha again!');\">Click Me</a>";
    String cleanValue = inputValue.SanitizeHtml();
    Console.WriteLine(cleanValue);

More information is available in the project site's wiki.

What's New?

1.4.0
- Added RemoveComments configuration property. This allows the retention of comments after cleaning.
- Refactored Sanitize() function for code maintainability.
- Added new SanitizeConfigurations class to allow cleaning with a different set of configurations from the global settings.
- Added new TrySanitizeHtml() function to check whether the input was dirty and subsequently cleaned.

1.3.1
- Added RemoveMarkupTagsOnly configuration property. This provides the option to remove the invalid markup tag only, retaining the contents.
- Fixed a bug where spaces in the value of Type attributes circumvented the script type checking.

1.2.0
- Added CustomBlacklistedTags configuration property. This removes tags from internal and custom whitelists, for cases when the internal list is acceptable except for a few tags configured in it.

1.1.0
- Added Supplemental Tags and Attributes to add extra elements to the internal defaults, instead of having to add all defaults again to the custom lists just to add a few special ones.
- Other internal improvements.

1.0.1
- Added a comprehensive list of default whitelisted tags and attributes.
A sanitizer to remove elements and attributes from SGML-based text files, such as HTML and XML. Note that this is a very simple implementation, but by using whitelists and a naïve URL detection implementation XSS may be prevented. Use at your own risk though.
Middleware to sanitize HTTP headers and JSON request bodies
Whitelist-based HTML sanitizer for XSS prevention with configurable allowed tags, attributes, and URL schemes.
🏆 Enterprise-grade .NET 8 Web API template with Clean Architecture and 100% COMPLETE security implementation! ✨ SECURITY MILESTONE ACHIEVED: All 19 security items COMPLETE! (19/19 - 100%) 🎉 Features comprehensive JWT authentication with token blacklist for proper logout, role-based access control, SignalR real-time messaging, input sanitization for XSS protection, security headers for browser protection, rate limiting, token versioning, encrypted ticket system for BOLA/IDOR protection, comprehensive audit logging, account lockout, and configurable session management. NEW in v1.6.0: Facility Management + File Storage - Enterprise multi-tenant facilities and comprehensive file management! NEW in v1.5.0: CSRF Protection (Architecture-Based) - JWT + localStorage provides inherent protection! NEW in v1.4.0: Input Sanitization - Automatic XSS protection with comprehensive guide! NEW in v1.3.0: Security Headers - Browser protection with CSP, X-Frame-Options, and more! NEW in v1.2.0: Token Blacklist - Proper logout functionality with immediate token invalidation! 📊 Current Status: • Security Score: 100% COMPLETE (19/19 items) 🎉 • HIPAA Compliance: 55% Complete (Core features done) • Production Ready: ✅ Yes • Documentation: 3,000+ lines of professional guides Perfect for building secure enterprise APIs requiring HIPAA readiness, healthcare applications, finance systems, or any high-security web applications with modern .NET practices.
Security middleware for XSS and SQL injection protection in ASP.NET Core
A lightweight .NET library that sanitizes URLs by removing potentially harmful or unwanted characters. Inspired by Braintree's Sanitize URL for JavaScript, this package ensures URLs are safe for use in web applications, preventing XSS attacks and other vulnerabilities.