Which HTTP header is used to mitigate Cross-Site Scripting (XSS) attacks?
- Access-Control-Allow-Origin
- Content-Security-Policy
- X-Frame-Options
- X-XSS-Protection
The X-XSS-Protection header is used to mitigate Cross-Site Scripting (XSS) attacks in web applications. XSS attacks involve injecting malicious scripts into web pages, which can then execute in users' browsers, leading to data theft, session hijacking, and other security compromises. The X-XSS-Protection header instructs browsers to activate their built-in XSS protection mechanisms, such as filtering or blocking potentially dangerous scripts, thereby reducing the risk of successful XSS attacks. Implementing this header is an important security measure to safeguard against XSS vulnerabilities and protect users' sensitive information.