Showing content from https://github.com/OWASP/CheatSheetSeries/issues/376 below:

Cross_Site_Scripting_Prevention_Cheat_Sheet · Issue #376 · OWASP/CheatSheetSeries · GitHub

What is missing or needs to be updated?

We should update Bonus Rule #4: Use the X-XSS-Protection Response Header

How should this be resolved?

Browsers don't give proper support anymore:
Chrome has removed XSS Auditor: https://www.chromestatus.com/feature/5021976655560704
Firefox has not implemented, and will not implement, X-XSS-Protection: https://bugzilla.mozilla.org/show_bug.cgi?id=528661
Edge have retired their XSS filter: https://blogs.windows.com/windowsexperience/2018/07/25/announcing-windows-10-insider-preview-build-17723-and-build-18204/

Some of the links were provided via: metabase/metabase#11444

Thanks,
Ariel Coronel

