Due to issues with the latest releases of the AntiXSS library the Html Agility Pack is being suggested in a lot of places for sanitizing input to prevent XSS attacks. E.g.
- http://wpl.codeplex.com/releases/view/80289#ReviewsAnchor
- http://htmlagilitypack.codeplex.com/discussions/24346
- https://eksith.wordpress.com/2011/06/14/whitelist-santize-htmlagilitypack/
I was wondering if the project maintainers could comment on the actual suitability of the pack for this task as my impression was that was not it's intended goal. For example is it going to cope with the list of attacks listed here?
If the library is indeed up to the task than that's great.
Thanks