diff --git a/rack-protection/README.md b/rack-protection/README.md
index bf6e5c6f..df344115 100644
--- a/rack-protection/README.md
+++ b/rack-protection/README.md
@@ -52,7 +52,7 @@ Prevented by:
 Prevented by:
 
 * `Rack::Protection::EscapedParams` (not included by `use Rack::Protection`)
-* `Rack::Protection::XSSHeader` (Internet Explorer only)
+* `Rack::Protection::XSSHeader` (Internet Explorer and Chrome only)
 * `Rack::Protection::ContentSecurityPolicy`
 
 ## Clickjacking
diff --git a/rack-protection/lib/rack/protection/xss_header.rb b/rack-protection/lib/rack/protection/xss_header.rb
index 6bb14861..eb6f92fe 100644
--- a/rack-protection/lib/rack/protection/xss_header.rb
+++ b/rack-protection/lib/rack/protection/xss_header.rb
@@ -4,7 +4,7 @@ module Rack
   module Protection
     ##
     # Prevented attack::   Non-permanent XSS
-    # Supported browsers:: Internet Explorer 8 and later
+    # Supported browsers:: Internet Explorer 8+ and Chrome
     # More infos::         http://blogs.msdn.com/b/ie/archive/2008/07/01/ie8-security-part-iv-the-xss-filter.aspx
     #
     # Sets X-XSS-Protection header to tell the browser to block attacks.