Xml X Xss Protection Header Present
Description
Detects the presence of X-XSS-Protection header configurations in XML files. The X-XSS-Protection header is a legacy security header that can be abused if not configured properly, potentially leading to XSS vulnerabilities.
Detection Strategy
• Search for XML files containing <add> tags
• Check if any <add> tag has a name attribute set to 'x-xss-protection' (case insensitive)
• Report any matches found with their exact location in the file
Vulnerable code example
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="X-XSS-Protection" value="1"/> <!-- Vulnerable: Using value="1" without mode=block leaves XSS filtering in report-only mode -->
</customHeaders>
</httpProtocol>...✅ Secure code example
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<httpProtocol>
<customHeaders>
<remove name="X-XSS-Protection" /> <!-- Remove any existing header first to avoid conflicts -->
<add name="X-XSS-Protection" value="1; mode=block"/> <!-- Enable XSS filter and block rendering if attack detected -->
<remove name="X-Powered-By" /> <!-- Remove server information disclosure header -->...Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.