kotovalexarian-likes-github
/
sinatra
mirror of https://github.com/sinatra/sinatra
1
0
Fork 0
Code Releases Activity

Document Chrome is also supported by XSSHeader [ci skip] 

Closes #48
This commit is contained in:
Zachary Scott 2016-07-28 13:36:52 +09:00
parent b525d19538
commit 8fd566ecc0
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
rack-protection/README.md
View File

@ -52,7 +52,7 @@ Prevented by:
Prevented by:
* `Rack::Protection::EscapedParams` (not included by `use Rack::Protection`)
* `Rack::Protection::XSSHeader` (Internet Explorer only)
* `Rack::Protection::XSSHeader` (Internet Explorer and Chrome only)
* `Rack::Protection::ContentSecurityPolicy`
## Clickjacking

2
rack-protection/lib/rack/protection/xss_header.rb
View File

@ -4,7 +4,7 @@ module Rack
module Protection
##
# Prevented attack:: Non-permanent XSS
# Supported browsers:: Internet Explorer 8 and later
# Supported browsers:: Internet Explorer 8+ and Chrome
# More infos:: http://blogs.msdn.com/b/ie/archive/2008/07/01/ie8-security-part-iv-the-xss-filter.aspx
#
# Sets X-XSS-Protection header to tell the browser to block attacks.