BinaryTask - Task

2019/05/30 09:12:16

XSS Auditor

If you post an iframe over http in chrome the response will be blocked unless you add the header

X-XSS-Protection:0

In a server response prior to the post.

I guess chrome and youtube teams don't really communicate at all.

Edit: Well now they do (V3) and then it's time to switch to Firefox! Xo

Keyword: justdont

/marc

Login to comment.