Exotic HTTP Headers Exploration of HTTP security and other non-typical headers Last updated on December 9, 2016 Cross-Site Scripting (XSS) is an attack in which malicious scripts can be injected on a page. For example: <h1>Hello, <script>alert('hacked')</script></h1> This is a pretty obvious attack and something that browsers can block: if you find a part of the request in the source code, it migh
![Exotic HTTP Headers](https://cdn-ak-scissors.b.st-hatena.com/image/square/c935567b97bf86223bd3c59a06a9b2d0cafad535/height=288;version=1;width=512/https%3A%2F%2Fpeteris.rocks%2Fblog%2Fexotic-http-headers%2Fpins-chrome-fb.png)