Thursday, August 28, 2008

Enable XSS Detect in VS 2008


XSS Detect is a code-analysis tool proposed, as suggested by its name, for reveal of XSS vulnerabilities in web-applications.
It's developed by MS ACE Team and could be downloaded here: XSS Detect

The problem is that out of the box it works in VS 2005 only. Here is how to enable it in Visual Studio 2008:
  1. Open %USERPROFILE%\Application Data\Microsoft\MSEnvShared\Addins

  2. Insert < Version > 9.0 < /Version > in HostApplication section