Goodbye XSS Auditor

Chrome has retired the XSS Auditor because of problems with bypasses and security issues. This article describes how the Auditor worked, how it was bypassed and how it began. It examines the XSS Auditor’s weaknesses and vulnerabilities – deactivatable security and information leaks it caused. Finally, it suggests a secure alternative for the XSS Auditor. Read More