Skip to content

X-Xss-Protection header "1; mode=block" differs in Servlet and Reactive #11948

New issue
New issue
Closed
Closed
X-Xss-Protection header "1; mode=block" differs in Servlet and Reactive#11948
Assignees
jzheauxKehrlann
Labels
in: webAn issue in web modules (web, webmvc)type: bugA general bug
Milestone
 
5.8.9
@Kehrlann

Description

@Kehrlann
Kehrlann
opened on Oct 4, 2022

X-Xss-Protection header, when set to mode=block, is different in Servlet and Reactive stacks:

  • X-Xss-Protection: 1; mode=block in Servlet
  • X-Xss-Protection: 1 ; mode=block in Reactive, with an extra space

Is this something we want to address?

Discovered in issue: gh-9631

Metadata

Metadata

Assignees

Labels

in: webAn issue in web modules (web, webmvc)type: bugA general bug

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions