Closed postmodern closed 9 years ago
http://difrwear.com/ has an unusual X-Xss-Protection header:
X-Xss-Protection header
1; mode=block; report=/xss-report/25b8988e-64ff-45a8-b0c6-2700fc1e9abd?source%5Baction%5D=index&source%5Bcontroller%5D=shop&source%5Bsection%5D=storefront
At first I thought the report=... part was an HTTP header extension. However, header extensions can only be of the form token=token or token="quoted-string".
report=...
token=token
token="quoted-string"
http://difrwear.com/ has an unusual
X-Xss-Protection header:At first I thought the
report=...part was an HTTP header extension. However, header extensions can only be of the formtoken=tokenortoken="quoted-string".