How do I prevent Internet Explorer from modifying pages for cross-site scripting?

I have a website which I have been working with on this computer for over a year now. When I update a page on the host site and save it, the page that comes up is typically blank and then a pop-up asking me if I want to close the page. This alerts the user that the content has been saved and is now published to the web.

With what is coming up now prevents the work to be saved and published and I cannot find a way to stop it. Now all of a sudden that blank page that comes up after I save my work has a message at the top "Internet Explorer has modified this page to help prevent cross-site scripting".

PLEASE HELP ME TO GET RID OF THAT SO I CAN UPDATE MY WEBSITE!!!
 

Question Info


Last updated June 18, 2019 Views 92,828 Applies to:
Answer
Answer

Under the security tab for IE8 there is a new Scripting Section for XSS Filter, Disable it and the issue goes away.

 

16 people were helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

Answer
Answer
I have a website which I have been working with on this computer for over a year now. When I update a page on the host site and save it, the page that comes up is typically blank and then a pop-up asking me if I want to close the page. This alerts the user that the content has been saved and is now published to the web.

With what is coming up now prevents the work to be saved and published and I cannot find a way to stop it. Now all of a sudden that blank page that comes up after I save my work has a message at the top "Internet Explorer has modified this page to help prevent cross-site scripting".

PLEASE HELP ME TO GET RID OF THAT SO I CAN UPDATE MY WEBSITE!!!

First watch this

http://technet.microsoft.com/en-us/ie/dd877959.aspx

(also mentions a security setting which an end-user can use to disable the new feature.)


Then read this

http://download.microsoft.com/download/6/6/B/66B06981-67F0-4151-B71D-848BEF65F3C7/Developing%20Securely%20with%20Cross%20Site%20Scripting%20Filter%20%20-%20IE8%20Developer%20Series%20Information%20Page.pdf

<quote>
In the unlikely event you have a specific technical requirement to build an application that requires disabling the XSS filter for your website (or just the page level), you can do so by setting a HTTP response header as follows:

X-XSS-Protection: 0
</quote>

(Microsoft search for
    "cross-site" scripting "Internet Explorer 8"  XSS
)

BTW as this is really more of a developer's issue than an IE end-user's you may find more informed help from a forum or newsgroup which specializes in IE web development (such as the MSDN one.)


Good luck

Robert Aldwinckle
---

1 person was helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.