X-Xss-Protection HTTP Header
X-Xss-Protection
Cross-site scripting (XSS) filter.
Accepted Values
Multiple values are allowed, seperated by a semi-colon. Some options take a value, and that is preceded with an = after the option.- 0
Disable XSS filtering.
- 1
Enable XSS filtering.
- mode=<option>
Filtering mode.
Options:
block
Block page if XSS is detected.
- report="<url>"
URL to report XSS violations.
report="https://yourwebsite.com/url"
Example
X-Xss-Protection: 1; mode=block
Parse
Enter a X-Xss-Protection header below to parse and return details about it.
Reference
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection