The XSS Auditor's violation reports are now sent with a MIME type of `application/xss-auditor-report` (as opposed to `application/json`).

Status in Chromium

Blink>SecurityFeature


Enabled by default (tracking bug) in:

  • Chrome for desktop release 58
  • Chrome for Android release 58
  • Android WebView release 58

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

  • No signal
  • No signal
  • No signal
  • No signals

Owners

Last updated on 2020-11-09