Missing X-XSS-Protection header For Alteryx
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
asma_rez
8 - Asteroid
‎09-26-2019
06:32 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Notify Moderator
Dear Support.
Is there any X-XSS-Protection to set on the alteryx server fro, XSS attacks?
Thanks
Labels:
- Labels:
- Best Practices
2 REPLIES 2
DiganP
Alteryx Alumni (Retired)
‎09-26-2019
01:24 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Notify Moderator
@asma_rez I believe you should be able to do this inside of Internet Options for IE.
X-XSS-Protection: 1 : Force XSS protection (useful if XSS protection was disabled by the user)
X-XSS-Protection: 0 : Disable XSS protection
The token mode=block will prevent browser (IE8+ and Webkit browsers) to render pages (instead of sanitizing) if a potential XSS reflection (= non-persistent) attack is detected.
More info here.
Digan
Alteryx
Alteryx
ACE Emeritus
‎01-03-2020
01:47 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Notify Moderator
Hi @asma_rez did you get this resolved? If you did can you mark resolved so others can see it in the community?
Thanks
Joshua
Joshua Burkhow - Alteryx Ace | Global Alteryx Architect @PwC | Blogger @ AlterTricks
