Google is removing a nine-year-old feature in its Chrome web browser, which spotted a common online attack. Don’t worry, though – another, hopefully better, protection measure is on the way.
Introduced in 2010, XSS Auditor is a built-in Chrome function designed to detect cross-site scripting (XSS) vulnerabilities. In an XSS attack, a malicious actor injects their own code onto a legitimate website. They might do that by adding malicious code to a legitimate URL, or by posting content to a site that stores and displays what they’ve posted (persistent XSS).