Monthly Archives: April 2009

Internet Explorer cross-site scripting warning

I came across the warning “Internet Explorer has modified this page to help prevent cross-site scripting.” which is triggered by the IE8 security filter.

However, IE gives no clues of why the warning was triggered or what was modified to prevent it. Annoying.

To get some more information you must download Microsoft Application Compatibility Toolkit and run the Internet Explorer Compatibility Test Tool.

More information about this particular issue with XSS is available here.

It is possible to stop this warning from occuring (beside actually fixing the underlying issue) by adding a custom header entry: X-XSS-Protection: 0