Opened 7 years ago
Last modified 6 years ago
#12926 closed defect
Chrome blocks preview with ERR_BLOCKED_BY_XSS_AUDITOR — at Initial Version
| Reported by: | Ryan J Ollos | Owned by: | |
|---|---|---|---|
| Priority: | normal | Milestone: | 1.0.17 |
| Component: | general | Version: | |
| Severity: | normal | Keywords: | |
| Cc: | Branch: | ||
| Release Notes: | |||
| API Changes: | |||
| Internal Changes: | |||
Description
Issue occurs when using WikiProcessor in text such as:
{{{#!html
<form action="">
}}}
The workaround noted by Jun is to add X-XSS-Protection: 0 header when the method is POST (or to add the header to all preview features).
More info in X-XSS-Protection.
Note:
See TracTickets
for help on using tickets.
