Preventing X-XSS-Protection header missing, X-Content-Type-Options etc

Register Sign In

Preventing X-XSS-Protection header missing, X-Content-Type-Options etc

Martin7483
Crossfire CMS
Posts: 373
Threads: 14
Joined: Sep 2015
Reputation: 20

#3

07-17-2017, 12:35 AM

You can't enforce anything that comes from the client. Thats why you must never trust data coming from a request as it can be manipulated

Messages In This Thread

Preventing X-XSS-Protection header missing, X-Content-Type-Options etc - by june123 - 07-14-2017, 02:16 AM

RE: Preventing X-XSS-Protection header missing, X-Content-Type-Options etc - by june123 - 07-16-2017, 07:58 PM

RE: Preventing X-XSS-Protection header missing, X-Content-Type-Options etc - by Paradinight - 07-17-2017, 08:14 PM

RE: Preventing X-XSS-Protection header missing, X-Content-Type-Options etc - by Martin7483 - 07-17-2017, 12:35 AM

RE: Preventing X-XSS-Protection header missing, X-Content-Type-Options etc - by Narf - 07-17-2017, 01:34 AM

Theme © iAndrew 2016 - Forum software by © MyBB