Items tagged xss, security, http
Filters: xss × security × http ×
2 results
IE8 Security Part IV: The XSS Filter (via) IE8 will include an XSS filter to identify and neutralise “reflected” XSS attacks (where malicious code in a query string is rendered to the page), turned on by default. Sounds like a good idea to me, and site authors can disable it using Yet Another Custom HTTP header (X-XSS-Protection: 0). # 3rd July 2008, 9:37 am
Don’t serve JSON as text/html. Another sneaky XSS trick. # 5th July 2006, 11:46 pm