
Set ‘Turn on Cross-Site Scripting (XSS) Filter’ to ‘Enabled:Enable’

Details

This policy controls whether or not the Cross-Site Scripting (XSS) Filter will detect and prevent cross-site script injections into websites in this zone. If you enable this policy setting, the XSS Filter is turned on for sites in this zone, and the XSS Filter attempts to block cross-site script injections. If you disable this policy setting, the XSS Filter is turned off for sites in this zone, and Internet Explorer permits cross-site script injections. The recommended state for this setting is: Enabled: Enable.

Rationale

The Cross-Site Scripting (XSS) Filter will detect and prevent cross-site script injections into websites in this zone.

Solution

To establish the recommended configuration via Group Policy, set the following UI path to Enabled.

Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Turn on Cross-Site Scripting Filter

Then set the Turn on Cross-Site Scripting (XSS) Filter option to Enable.
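One way to audit the result on a machine after the policy has been applied, as an added example that is not part of the benchmark text. The registry location and value data are assumptions not stated on this page: the setting is taken to be stored as DWORD value `1409` under the Internet Zone (zone 3) policy key, with 0 meaning Enable and 3 meaning Disable. `Test-IEXssFilterPolicy` is a hypothetical helper name.

```powershell
# Added audit example; not taken from the benchmark.
# Assumption: the policy is stored as DWORD '1409' under the Internet Zone
# (zone 3) machine policy key, where 0 = Enable and 3 = Disable.
function Test-IEXssFilterPolicy {
    [CmdletBinding()]
    param(
        [string]$KeyPath   = 'HKLM:\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3',
        [string]$ValueName = '1409'
    )

    $result = [ordered]@{
        KeyPath   = $KeyPath
        ValueName = $ValueName
        Value     = $null
        State     = 'NotConfigured'   # key or value absent: policy never applied
        Compliant = $false
    }

    if (Test-Path -LiteralPath $KeyPath) {
        # A missing value returns nothing instead of throwing.
        $item = Get-ItemProperty -LiteralPath $KeyPath -Name $ValueName -ErrorAction SilentlyContinue
        if ($null -ne $item) {
            $result.Value = $item.$ValueName
            switch ($result.Value) {
                0       { $result.State = 'Enabled:Enable'; $result.Compliant = $true }
                3       { $result.State = 'Enabled:Disable' }
                default { $result.State = 'Unexpected' }
            }
        }
    }

    [pscustomobject]$result
}

$check = Test-IEXssFilterPolicy
$check | Format-List
if (-not $check.Compliant) {
    Write-Warning "XSS Filter policy for the Internet Zone is '$($check.State)'; expected 'Enabled:Enable'."
}
```

A `NotConfigured` result means the Group Policy object has not reached the machine, which is a different finding from a policy that was applied with the filter set to Disable.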

Impact

If you enable this policy setting, the XSS Filter is turned on for sites in this zone, and the XSS Filter attempts to block cross-site script injections. If you disable this policy setting, the XSS Filter is turned off for sites in this zone, and Internet Explorer permits cross-site script injections.

Supportive Information

The following resource is also helpful.

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management. This control applies to the following type of system: Windows.

Updated on July 16, 2022