AntiXSS, the open source encoding library from the Microsoft Security Tools folks has gone live, and the binaries are available from the MS download centre. I’ve been recommending this for quite a while over the framework’s HttpEncode and UrlEncode simply because it offers more options (JavaScript, VBScript Xml Encoding) and has a visible test suite – plus if something does go wrong it’ll be easier to patch it quickly, rather than wait for a patched version of the .NET framework. There’s also a runtime module which will try to encode on the fly in case you forget to … ...