I’ve just release version 0.3.1 of Cross Site Sniper. This is a minor bug fix update.
Cross Site Sniper is a Ruby on Rails plugin that automatically html escapes all string and text fields of ActiveRecord objects. Data is escaped as it is retrieved from the database to protect your site from XSS (cross site scripting) attacks without modifying or corrupting your original data. Convenience methods are provided to access the unescaped data when necessary. Edit forms are pre-populated with unescaped data as well to avoid user confusion and prevent double escaping.
Documentation and install instructions can be found at
