JetScript's Data Sanitizer / XSS Cleaner

Vers: 1.2  

The JetScripts Data Sanitizer and XSS Cleaner prevents SQL-injection attacks and Cross-Site Scripting exploits by cleaning or 'sanitizing' user-submitted data. It's a must for any website that accepts user input, such as blogs, bulletin boards, and contact forms.

This tool is intended for users who write or modify scripts, or who want an extra measure of protection against malicious users, hackers, and spambots. It is not intended for the casual user or those without at least some minimal knowledge of the PHP scripting language.

Common exploit command entities are removed, such as: 'alert', 'cmd', 'passthru', 'eval', 'exec', 'system', 'fopen', 'fsockopen', 'file', 'file_get_contents', 'readfile', and 'unlink'.

Dozens of JavaScript-specific exploit entities are also removed, and the Sanitizer performs a number of data transforms to ensure that malicious input isn't obfuscated and passed in. Entities like 'j a v a s c r i p t', 'vbscript', 'script', 'applet', 'alert', 'document', 'write' and others are stripped of spaces and compacted back to their original forms for detection and removal.

Obfuscated and escaped strings are converted and scanned, as well as UTF-16 data, null characters, octal characters, cookie commands, and many other potentially malicious data strings.

No data sanitization process is perfect, but the JetScripts Sanitizer is an excellent first line of defense against the thousands of different SQL-injection attacks and Cross-Site Scripting exploits in use today. It's so good, we use it here and in all of our products that accept user input. The JetScripts Sanitizer is compact and fast loading, and is generally easy to add into most existing scripts. If you're writing a script, it's an even simpler matter to call it wherever user-supplied data is found.

Stop relying on half-baked measures like 'mysql_real_escape()', 'strip_tags()', 'magic_quotes()' or other ineffective methods for cleaning and securing user-supplied data. None of those methods will stop even a slightly motivated hacker or script-kiddie.

The number and creativity of SQL-injection attacks and Cross-Site Scripting exploits increase every day. Isn't it about time you started using some industrial-strength measures to keep them off your site and out of your server?


Info:

Hits: 0
Updated: May 15, 2010
Platforms: PHP, mySQL