Tag: XXP

Total 5 Posts

Deprecating XSS Reports

A lot has changed in the browser landscape recently and we've seen all of the mainstream browsers move away from running their own XSS Auditor or XSS Filter. Given this shift, it's time for me to update a few things too. XSS Auditor and XSS FilterThe XSS Filter ran in…

Continue Reading

Security Headers Updates

I've just deployed a few changes to Security Headers to bring it up to date with recent changes in the industry. Here are the details and how they might affect you. Security Headers SponsorI announced sponsorship of the Security Headers project back in December 2016 and that continues through to…

Continue Reading

Introducing XSS Auditor reporting to Report URI

Whilst we already have support for CSP reports over at Report URI, there is another potential source of information about XSS attacks that may be attempted or happening on your site. The X-XSS-Protection header allows you to configure the XSS Auditor, deem what action it should take and request that…

Continue Reading