Florian Weber wrote:

> Does anybody know a ruby anti-xss library that passes all the cases
> described in the xss cheat sheet (http://ha.ckers.org/xss.html)?

I've been an advocate of whitelisting before, but after reading this I 
would never again use anything else. Don't even try doing blacklisting. 
It won't work.

-- 
http://flgr.0x42.net/