Using IE8 to mitigate XSS attack

Yesterday I was playing a little bit with IE8 when I received the following warning message in IE window:

Internet Explorer has modified this page to prevent a potential cross-site-scripting attack.

Yep, that’s right: IE8 now mitigates XSS attack by using the built in XSS Filter. Do you want to know more about this? Check this great explanation/demo below:

https://msdn.microsoft.com/en-us/library/cc994337(VS.85).aspx

Also, you can review why IE Team adopted this new approach to prevent XSS attack:

https://blogs.msdn.com/ie/archive/2008/09/29/statistical-validation-of-the-ie8-xss-filter.aspx