1CONSOLE ERROR: line 4: The XSS Auditor refused to execute a script in 'http://localhost:8000/security/xssAuditor/resources/echo-intertag.pl?q=%3Cform%20action=http://127.0.0.1:8000/%20method=x%3E%3Cinput%20type=submit%3E%3Cinput%20name=x%20value=%27Please%20type%20your%20PIN.%27%3E¬ifyDone=1&showAction=1' because its source code was found within the request. The server sent an 'X-XSS-Protection' header requesting this behavior.
1CONSOLE ERROR: line 4: The XSS Auditor refused to execute a script in 'http://localhost:8000/security/xssAuditor/resources/echo-intertag.pl?q=%3Cform%20action=http://127.0.0.1:8000/foo&clutter=bar%20method=x%3E%3Cinput%20type=submit%3E%3Cinput%20name=x%20value=%27Please%20type%20your%20PIN.%27%3E¬ifyDone=1&showAction=1' because its source code was found within the request. The server sent an 'X-XSS-Protection' header requesting this behavior.
Issue 2868973003: XSSAuditor: truncate form action attribute like other src-like attributes
(Closed)
Created 3 years, 7 months ago by Tom Sepez
Modified 3 years, 4 months ago
Reviewers: Mike West
Base URL:
Comments: 0