XSS Auditor
Hello,
When connecting with Safari to the administrative web interface of a network device, the console often shows messages like this one:
The XSS Auditor refused to execute a script in 'someurl' because its source code was found within the request. The auditor was enabled as the server sent neither an 'X-XSS-Protection' nor 'Content-Security-Policy' header.
Of course, a lot of functionalities are therefore unavailble through the web interface...
And since I don't have any control upon the pages served by the device, I'm stuck.
Is there a way to (temporarily) turn off the XSS Auditor in Safari?
It looks like there is a xssAuditorEnabled setting in Webcore, but I didn't manage to go very far with that "knowledge"...
TIA,
Axel