This plugin replaces the default ERB template handlers with erubis, and switches the behaviour to escape by default rather than requiring you to escape. This is consistent with the behaviour in Rails 3.0.
Patches rails_xss and Haml so AngularJS interpolations are auto-escaped in unsafe strings.
XssTerminate for Rails 3.2
A modernized version of Chris Wanstrath's venerable acts_as_textiled. It automatically textiles and then sanitizes columns to your specification. Ryan Grove's excellent Sanitize gem with Nokogiri provides the backend for speedy and robust filtering of your output in order to: restrict Textile to a subset of HTML, guarantee well-formedness, and of course prevent XSS.
A gem to control the world!
XSpear is an XSS scanner on RubyGems.
IMMUNIO protects your web app from security vulnerabilities by monitoring requests in realtime. After a two minute installation, your application will be protected from many of the top classes of attacks, including Cross-Site Scripting (XSS), SQL Injection, Remote Command Execution, and Bruteforce. This agent gem works in conjunction with the IMMUNIO service. Go to https://immun.io to learn more and create an account.
Dryopteris erythrosora is the Japanese Shield Fern. It also can be used to sanitize HTML to help prevent XSS attacks.
ronin-vulns is a Ruby library for blind vulnerability testing. It currently supports testing for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), reflective Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.
Drop-in XSS support for remote applications.
Use subdomains to prevent XSS from accessing your entire application, should it be injected into some page in your app.
Patches rails_xss so AngularJS interpolations are auto-escaped in unsafe strings. Forked from https://github.com/makandra/angular_xss to remove the HAML dependency.
This gem disables the X-XSS-Protection header which Action Dispatch sets by default.
This Rails plugin provides automatic cross site scripting (XSS) protection for your views. Once installed, you no longer have to manually and painstakingly sanitize all your views with HTML escaping.
Inquisition is a fancy way to protect your ActiveRecord attributes from XSS
Adds a method to ERB to protect against XSS attacks.
Markdown- and Textile-inspired markup that's XSS safe.
Provides an OmniAuth strategy for the TxSSC OAuth2 SSO
Vagrant plugin to allow VM ssh using Bash on Ubuntu on Windows
Rack middleware for declaratively setting the HTTP Content-Security-Policy (W3C CSP Level 2/3) security header to help protect against XSS and other browser-based attacks.
Hax <script>alert('omg hax')</script>
Multiple SSH logins gem
cross ssh client
It's raining XSS out there. Protect yourself with Slicker!
Secure request.referer for preventing XSS
This plugin provides XSS protection for views coded in HAML and RHTML. ERB templates are sometimes used for HTML, and sometimes for other kinds of languages (SQL, email templates, YAML etc.). XSS Shield protects only those templates with .rhtml extension, leaving templates with .erb extension unprotected.
Content filter to determine the XSS, spam or offensive quality of text.
Pagebox - XSS sandbox
A web application needs an input filter. This gem protects your app from XSS attacks and flooding. Put differently, it spares you many, many problems.
Plugin that auto-sanitizes data before it is saved in your DataMapper models
A gem to sanitize URLs or HTML href attributes within <a> tags to help prevent XSS attacks.
A simple XSS-vulnerable sample code.
Just an attempt to own a few things. <script>console.log</script>