Wednesday, December 2, 2015

The XSS Auditor refused to execute a script in http://default.aspx because its source code was found within the request. The auditor was enabled as the server sent neither an 'X-XSS-Protection' nor 'Content-Security-Policy' header in SharePoint 2013

The XSS Auditor refused to execute a script in http://default.aspx because its source code was found within the request. The auditor was enabled as the server sent neither an 'X-XSS-Protection' nor 'Content-Security-Policy' header in SharePoint 2013
Recent google chrome update may breaks the sharepoint layout pages and other custom development pages due to XSS Auditor.


I have added the HTTP Response Header to the SharePoint Web Front End Servers  and then it worked fine.    
Post a Comment