Following a decision by Google Chrome developers to disable Auditor, developers should be able to disable the auditor for older browsers and set it to 0.
The X-XSS-PROTECTION header was found to have a multitude of issues, instead of helping the developers protect their application.
The following discussion describes the issue at hand with more references: OWASP/CheatSheetSeries#376
A PR is currently open to tackle the issue at the CheatSheet Series project: OWASP/CheatSheetSeries#378
If approved, we can help with creating a PR for this issue.
Available for further discussions 😄
thelebdev, wrslatz, zetos, Randulfe, thesameeric and 2 more
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4