XSS Auditor (removed)

Remove the XSS Auditor from Chrome.

The XSS Auditor can introduce cross-site information leaks and mechanisms to bypass the Auditor are widely known.

Documentation

• https://www.chromium.org/developers/design-documents/xss-auditor
• https://groups.google.com/a/chromium.org/forum/?utm_medium=email&utm_source=footer#!msg/blink-dev/TuYw-EZhO9g/TCpThW81EAAJ

Specification

No public standards discussion

Status in Chromium

Blink components: Blink>SecurityFeature

Removed (tracking bug) in:

• Chrome for desktop release 78
• Chrome for Android release 78

Consensus & Standardization

• Firefox: No public signals
• Edge: Shipped
• Safari: No public signals
• Web Developers: Positive

Owner

• tsepez@chromium.org

Intent to Implement url

Last updated on 2019-08-27