* 歴史 ** IE8 [REFS[ - [5] [CITE@en[IE8 Security Part IV: The XSS Filter - IEBlog - Site Home - MSDN Blogs]] ([TIME[2012-11-18 01:16:09 +09:00]] 版) - [1] [CITE@en[IEBlog : IE8 Security Part IV: The XSS Filter]] ([TIME[2008-12-06 00:29:42 +09:00]] 版) - [2] [CITE@en[IE8 Security Part IV: The XSS Filter - IEBlog - Site Home - MSDN Blogs]] ([TIME[2010-10-27 15:18:13 +09:00]] 版) - [6] [CITE@en[Controlling the XSS Filter - IEInternals - Site Home - MSDN Blogs]] ([TIME[2012-11-18 01:43:55 +09:00]] 版) - [3] [CITE[IE8 XSS Filterの仕様が微妙に変更されていた。 - 葉っぱ日記]] ([TIME[2010-10-08 10:25:32 +09:00]] 版) - [4] [CITE[IRC logs: freenode / #whatwg / 20110329]] ( ([TIME[2011-04-10 20:06:55 +09:00]] 版)) ]REFS] * 例 [FIG[ [7] [PRE(HTTP example code)[ X-XSS-Protection: 1 ]PRE] ]FIG] [FIG[ [8] [PRE(HTTP example code)[ X-XSS-Protection: 0 ]PRE] ]FIG] [FIG[ [9] [PRE(HTTP example code)[ X-XSS-Protection: 1; mode=block ]PRE] ]FIG] [10] [CITE[Chromium Blog: Security in Depth: New Security Features]] ( ([TIME[2012-11-17 12:03:40 +09:00]] 版)) [11] [CITE[Bug 100892 – Support X-XSS-Protection: report=URL header syntax in XSSAuditor.]] ( ([TIME[2012-11-18 01:52:05 +09:00]] 版)) [12] [CITE[XSSフィルタの誤検出とその対策について - 金利0無利息キャッシング – キャッシングできます - subtech]] ( ([TIME[2012-11-18 01:59:02 +09:00]] 版)) [13] [CITE[Masato Kinugawa Security Blog: ブラウザのXSS保護機能をバイパスする(4)]] ( ([TIME[2014-12-10 22:38:07 +09:00]] 版)) [14] [CITE[iframeがChromiumのXSS Filterに引っかかる - ぷちてく - Petittech]] ( ([TIME[2017-05-29 01:17:10 +09:00]])) [15] [CITE@en[702542 - False positives with ERR_BLOCKED_BY_XSS_AUDITOR - chromium - Monorail]] ( ([TIME[2017-05-29 01:19:12 +09:00]])) [FIG(quote)[ [FIGCAPTION[ [16] [CITE@ja[Facebook - ログインまたは登録]] ([TIME[2018-04-14 20:00:34 +09:00]]) ]FIGCAPTION] > x-xss-protection:0 ]FIG] [FIG(quote)[ [FIGCAPTION[ [17] [CITE@ja[「いま」を見つけよう]] ([TIME[2018-04-14 20:05:25 +09:00]]) ]FIGCAPTION] > x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report > ]FIG]