| Class | Rack::Protection::XSSHeader |
| In: |
lib/rack/protection/xss_header.rb
|
| Parent: | Base |
| Prevented attack: | Non-permanent XSS |
| Supported browsers: | Internet Explorer 8 and later |
| More infos: | blogs.msdn.com/b/ie/archive/2008/07/01/ie8-security-part-iv-the-xss-filter.aspx |
Sets X-XSS-Protection header to tell the browser to block attacks.
Options:
| xss_mode: | How the browser should prevent the attack (default: :block) |