To date, cross site scripting protection has been widely adopted worldwide. This is really a great technology for netizens.However, a report last week revealed that Microsoft will eliminate the XSS filter function in the latest version.
In a blog article yesterday, Microsoft confirmed that the XSS filter module of Edge browser will be abandoned in the Windows 10 RS5 update.
But there is no need to worry, because the company has replaced modern browsers for Edge browsers.
Starting from today's compiled version, the XSS filter in Edge will be retired. Thanks to more modern standards, such as Content Security Policy, our customers will still receive protection.
Microsoft points out thatThe new technology provides a more powerful high-performance security mechanism to block content injection attacks.At the same time, it has high compatibility with all modern browsers.
Content security policy (CSP) can easily mitigate the types of attacks including cross site scripting (XSS) and data injection.
But Scott Helme, a security researcher, points out thatThe problem now is that CSP protection technology has not yet been widely adopted.
[compiled from:Windows Latest]