Jump to content

Community

Adlago

X-XSS- Protection

Recommended Posts

2 minutes ago, Nathan Explosion said:

Just to put it on the record....I am not currently wearing any pants. I am also hoping that this bus gets me home before the police car behind us catches up. 

Ask the driver to include the XSS and the police will not see anything.

Still, look around who's sitting in the back seat ...

Share this post


Link to post
Share on other sites

I've not read through the whole topic in detail. However, for what it's worth, enabling X-XSS-Protection (XXP) breaks embeds in Safari under certain circumstances.

Also, XXP has absolutely nothing to do with ddos attacks, it is just a rudimentary safeguard against reflected XSS attacks.

Of the handful of XSS attacks that I can recall finding in IPS, only one could be blocked by XXP (and as it happens, it was on a page where XXP was enabled and the attack was blocked in the browser which support it).

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...