Closed snadon closed 6 years ago
@joeldrapper
To anyone interested, this does not mean Lucky does not have XSS protection currently. lucky sanitizes HTML automatically. This is an additional precaution that makes things even more secure
Closing in favor of https://github.com/luckyframework/lucky/issues/565
Web Browser XSS Protection is not enabled, or is disabled by the configuration of the ’X-XSS-Protection’ HTTP response header on the web server.