Using IE8 to mitigate XSS attack

Yesterday I was playing a little bit with IE8 when I received the following warning message in IE window:


Internet Explorer has modified this page to prevent a potential cross-site-scripting attack.


Yep, that’s right: IE8 now mitigates XSS attack by using the built in XSS Filter. Do you want to know more about this? Check this great explanation/demo below:


Also, you can review why IE Team adopted this new approach to prevent XSS attack:


Skip to main content