Opened 7 years ago
Last modified 6 years ago
#12926 closed defect
Chrome blocks preview with ERR_BLOCKED_BY_XSS_AUDITOR — at Initial Version
Reported by: | Ryan J Ollos | Owned by: | |
---|---|---|---|
Priority: | normal | Milestone: | 1.0.17 |
Component: | general | Version: | |
Severity: | normal | Keywords: | |
Cc: | Branch: | ||
Release Notes: | |||
API Changes: | |||
Internal Changes: |
Description
Issue occurs when using WikiProcessor in text such as:
{{{#!html <form action=""> }}}
The workaround noted by Jun is to add X-XSS-Protection: 0
header when the method is POST (or to add the header to all preview features).
More info in X-XSS-Protection.
Note:
See TracTickets
for help on using tickets.