Other browsers, including Google's Chrome, also offer cross-site scripting filtering . But according to Lindsay, Chrome users are not at risk to the same kind of abuse.
"Chrome's neutering technique is to completely block [the] page," said Lindsay in a direct message via Twitter. "This is preferred over modifying [the] response" as did Microsoft's browser. "IE8 header now allows the same."
Coincidentally, Google patched seven security vulnerabilities in the "stable" Windows version of Chrome earlier today, including two related to cross-site scripting .
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld . Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed . His e-mail address is firstname.lastname@example.org .
Read more about security in Computerworld's Security Knowledge Center.