Sign in

Open source form receiver and forwarder for static website

Avatar photoitips3727
Verhoeckx wrote:

Hi Itips3727,

Thanks for sending me the above script but I have the idea that the script is not safe because it doesn’t test for Cross Site Scripting (XSS).


Hi @Verhoeckx,

Try adding XSS protection into your .htaccess file.

For example:

## Reflected XSS protection
<IfModule mod_headers.c>
Header set X-XSS-Protection "1; mode=block"

Hope that works for you. 😉