Reputation: 4385
Can Cross Site Scripting Filter be disabled from aspx page or using web.config?
I want to turn OFF Internet Explorer cross site scripting xss filter for my website. Is it possible to do so via web.config or on the aspx webpage? Thanks.
Upvotes: 2
Views: 3430
Answers (3)
Reputation: 2917
We can configure HTTP headers through web.config or via IIS
http://insiderattack.blogspot.com.au/2014/04/configuring-secure-iis-response-headers.html
Upvotes: 0
Reputation: 6620
Actually, you can disable the XSS filter for your site. Simply send the following header:
X-XSS-Protection: 0
Source: http://msdn.microsoft.com/en-us/library/dd565647(v=vs.85).aspx
Upvotes: 2
Reputation:
You cannot control (change) browser settings from within server application, whatever they are. So, no, it's not possible.
Explain what you're trying to achieve; maybe there's another solution to that.
Upvotes: 1
Related Questions
- How to prevent cross site scripting in classic ASP?
- How to prevent XSS in Asp.NET
- Cross-site scripting and ASP.NET
- WebBrowser Control: Disable Cross Site XSS Filtering or another way to process JS in full on HTML
- Cross site scripting manipulation globally
- Protecting my self from cross-site scripting
- Cross Site Scripting & filter request asp.net
- How to avoid Cross site scripting in ASP.NET
- Method to eliminate cross site scripts
- Microsoft Anti-Cross Site Scripting Library