Tuesday, May 4, 2010

IE8 XSS Filter

Did you know IE8 has an XSS filter in it? It is on by default in the Internet zone but you have to turn it on in the Local and Intranet zones. You do this in your internet options, about 3/4 of the way down:


More information on it here

But WAIT! What's this?? Maybe we shouldn't set it just yet!

http://blogs.zdnet.com/security/?p=6221

Sigh. For me, I say leave well enough alone for now. Keep the filter, let them update it in June (per the zdnet post link) as it is better than nothing on my Dad's computer.

Stay on top of these things but realize security should never be browser-specific. You will have users to your sites with all sorts of browsers...close your holes and be safe on the web. It is a wild world out there.

No comments:

Post a Comment