开发者

Detect whether the ie8 xss filter is enabled

开发者 https://www.devze.com 2022-12-22 04:24 出处：网络

Is there a method by which we can detect if a user using ie8 has the XSS filter enabled? A开发者_高级运维s far as I can tell, nothing changes in the User Agent or in the http headers when ie8 has the

相关专题：asp.net browser httpbrowsercapabilities internet-explorer-8 xss

Is there a method by which we can detect if a user using ie8 has the XSS filter enabled?

A开发者_高级运维s far as I can tell, nothing changes in the User Agent or in the http headers when ie8 has the XSS filter enabled vs when it does not. That leaves some client-side detection of the use of the filter. Would it be possible to write a test page that will tell me if the filter is active?

I know of no way to tell. IE fails to throw an error when it blocks the communications and Ie has no way to check what settings (or what security zone) IE has from javascript. So, you have no idea what is going on. This XSS filter is a menace.

Scott.