Turn on Cross-Site Scripting Filter - Restricted Sites Zone

Information

This policy controls whether or not the Cross-Site Scripting (XSS) Filter will detect and prevent cross-site script injections into websites in this zone.

If you enable this policy setting the XSS Filter is turned on for sites in this zone and the XSS Filter attempts to block cross-site script injections.

If you disable this policy setting the XSS Filter is turned off for sites in this zone and Internet Explorer permits cross-site script injections.

Solution

Policy Path: Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone
Policy Setting Name: Turn on Cross-Site Scripting Filter

See Also

https://blogs.technet.microsoft.com/secguide/2016/10/17/security-baseline-for-windows-10-v1607-anniversary-edition-and-windows-server-2016/

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7a.

Plugin: Windows

Control ID: 27f1ca754e29246489abf2447550afe7c28d1ae8cf5f510b8d2e8a6d9add6453