Mitigating a cross-site scripting attack

If you deem that your network is secure enough to turn off the active content filter, consider using one of the configuration options described in this topic to mitigate an attack should one occur.

About this task

If you decide to disable active content filtering in favor of providing maximum flexibility, take steps to contain a cross-site scripting (XSS) attack. For example, your organization might believe that as long as the XSS exposure is limited to your blog site, the risk is acceptable. If that is the case, consider adopting the following best practices to contain an attack:

Use isolated domains

Do not use single sign-on

Configure files to be downloaded from a separate domain
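
The three practices above can be checked against a deployment's host layout. The following is an added example, not product code or a product configuration format: the field names (unfilteredHost, otherAppHosts, ssoCookieDomain, fileDownloadHost) and all hostnames are constructed for illustration, and the cookie scope test follows the domain-match rule of RFC 6265.

```javascript
// Added example: hypothetical field names, constructed hostnames.

// RFC 6265 section 5.1.3 domain-match: would a browser send a cookie
// scoped to cookieDomain along with requests to host?
function domainMatches(host, cookieDomain) {
  const h = host.toLowerCase();
  const d = cookieDomain.toLowerCase().replace(/^\./, "");
  if (h === d) return true;
  const isIp = /^[\d.]+$/.test(h) || h.includes(":");
  return !isIp && h.endsWith("." + d);
}

// unfilteredHost is the host of the application whose active content
// filter is turned off (the blog site in the scenario above).
function auditContainment(deployment) {
  const { unfilteredHost, otherAppHosts, ssoCookieDomain, fileDownloadHost } = deployment;
  const unfiltered = unfilteredHost.toLowerCase();
  const findings = [];
  // Isolated domains: no other application may share the unfiltered host.
  for (const host of otherAppHosts) {
    if (host.toLowerCase() === unfiltered) {
      findings.push(`isolated-domain: ${host} shares a host with the unfiltered application`);
    }
  }
  // No single sign-on: an SSO cookie must not be in scope on the unfiltered host.
  if (ssoCookieDomain && domainMatches(unfiltered, ssoCookieDomain)) {
    findings.push(`sso: cookie domain ${ssoCookieDomain} covers ${unfilteredHost}`);
  }
  // Separate download domain: files must not be served from an application host.
  const appHosts = [unfiltered, ...otherAppHosts.map((h) => h.toLowerCase())];
  if (appHosts.includes(fileDownloadHost.toLowerCase())) {
    findings.push(`file-download: ${fileDownloadHost} is also an application host`);
  }
  return findings;
}

// Constructed layouts: everything on one host versus a contained blog site.
const weak = {
  unfilteredHost: "connections.example.com",
  otherAppHosts: ["connections.example.com"],
  ssoCookieDomain: ".example.com",
  fileDownloadHost: "connections.example.com",
};
const contained = {
  unfilteredHost: "blogs.example.net",
  otherAppHosts: ["connections.example.com"],
  ssoCookieDomain: null,
  fileDownloadHost: "files.example.org",
};
console.log(auditContainment(weak));
console.log(auditContainment(contained));
```

An empty result means that none of the three containment rules is violated by the host layout; it does not verify the server-side settings themselves.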
