Yesterday I was playing a little bit with IE8 when I received the following warning message in IE window:
Internet Explorer has modified this page to prevent a potential cross-site-scripting attack.
Yep, that’s right: IE8 now mitigates XSS attack by using the built in XSS Filter. Do you want to know more about this? Check this great explanation/demo below:
Also, you can review why IE Team adopted this new approach to prevent XSS attack:
PingBack from http://mstechnews.info/2008/11/using-ie8-to-mitigate-xss-attack/