XSS-Vulnerability/EN/Solution Tips: Unterschied zwischen den Versionen
Zeile 1: | Zeile 1: | ||
+ | If it was reported, that your website is probably not sufficiently protected from [https://en.wikipedia.org/wiki/Cross-site_scripting XSS attacks]: | ||
+ | |||
1; mode=block | 1; mode=block | ||
Version vom 3. April 2019, 16:05 Uhr
If it was reported, that your website is probably not sufficiently protected from XSS attacks:
1; mode=block
Code example of an .htaccess file on an Apache webserver.
--snip
# Turn on XSS prevention tools, activated by default in IE and Chrome '''Header set X-XSS-Protection "1; mode=block"'''
—snap
Here is an example of an .htaccess file which will set the Header Scanner to green. (.htaccess example)