Mitigating XSS Attacks in ASP.NET Apps
Posted in 184 on Oct 25th, 2007
However, I find several cases where the application team deviates from having this directive set to true for some business reasons. For eg. there is a rich text box in the web page which must allow any kind of input data. …
See the original post here: Mitigating XSS Attacks in ASP.NET Apps