Class | Rack::Protection::XSSHeader |
In: |
lib/rack/protection/xss_header.rb
|
Parent: | Base |
Prevented attack: | Non-permanent XSS |
Supported browsers: | Internet Explorer 8 and later |
More infos: | blogs.msdn.com/b/ie/archive/2008/07/01/ie8-security-part-iv-the-xss-filter.aspx |
Sets X-XSS-Protection header to tell the browser to block attacks.
Options:
xss_mode: | How the browser should prevent the attack (default: :block) |