XSSAuditor enabled for URL checker
Written: 14.11.2019 15:43 Written By: Marius Steffens
Just a quick clarification about the RSXSS exercise: We are crawling these URLs with a Chrome with version < 78.
This means in particular, that the XSSAuditor is still enabled by default.
You do not need to specifically bypass the Auditor(in contrast to the RCXSS exercise), however, you should take this into account when building your payload. Otherwise, you might accidentally trigger the Auditor.