I’ve just released version 0.3.1 of Cross Site Sniper. This is a minor
bug fix update.
Cross Site Sniper is a Ruby on Rails plugin that automatically
HTML-escapes all string and text fields of ActiveRecord objects. Data is
escaped as it is retrieved from the database to protect your site from
XSS (cross site scripting) attacks without modifying or corrupting your
original data. Convenience methods are provided to access the unescaped
data when necessary. Edit forms are pre-populated with unescaped data as
well to avoid user confusion and prevent double escaping.
Documentation and install instructions can be found at
http://xss.rubyforge.org
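The escape-on-read behaviour described above, sketched in plain Ruby as an added example that is not Cross Site Sniper's code or API. `EscapeOnRead`, `escaped_attr`, the `_raw` readers and `edit_field` are hypothetical names, and `ERB::Util.html_escape` is an assumed stand-in for the plugin's escaping.

```ruby
require 'erb'

# Hypothetical stand-in for an ActiveRecord model (not the plugin's API):
# stored values stay untouched, readers escape strings on the way out,
# and *_raw readers expose the original data.
module EscapeOnRead
  def escaped_attr(*names)
    names.each do |name|
      define_method(name) do
        value = @attributes[name]
        value.is_a?(String) ? ERB::Util.html_escape(value) : value
      end
      define_method("#{name}_raw") { @attributes[name] }
      define_method("#{name}=") { |v| @attributes[name] = v }
    end
  end
end

class Comment
  extend EscapeOnRead
  escaped_attr :author, :body, :votes

  def initialize(attrs = {})
    @attributes = attrs.dup
  end
end

# Edit form helper: starts from the raw value and escapes exactly once,
# so the user sees "Tom & Jerry" in the field, not "Tom &amp; Jerry".
def edit_field(record, name)
  raw = record.public_send("#{name}_raw")
  %(<input name="#{name}" value="#{ERB::Util.html_escape(raw)}">)
end

# Constructed sample record; returns each behaviour for inspection.
def demo
  c = Comment.new(author: 'Tom & Jerry', body: '<script>alert(1)</script>', votes: 3)
  {
    view:   c.body,                            # safe to interpolate into HTML
    raw:    c.body_raw,                        # original data, unmodified
    form:   edit_field(c, :author),            # escaped once from raw
    double: ERB::Util.html_escape(c.author),   # the double-escaping bug to avoid
    votes:  c.votes                            # non-string fields pass through
  }
end
```

The `double` entry shows why edit forms need the unescaped value: escaping an already escaped field turns `&` into `&amp;amp;`, which would be written back to the database on save.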