XSS Prevention

This project is not covered by Drupal’s security advisory policy.

This module's aim is to prevent XSS attacks.

It checks if URL contains some characters (%3e, %3c, >, <) to detect tag enclosure, or a list of JS event handlers.
When an attack is detected, the module will log it and make a redirection to the homepage.
You can configure the set of characters and JS event handlers.

Project information

Project categories: Security
250 sites report using this module
Created by nicolas.hod on 23 March 2021, updated 23 March 2021
This project is not covered by the security advisory policy.
Use at your own risk! It may have publicly disclosed vulnerabilities.

Releases

1.2.0 released 8 September 2023

Works with Drupal: ^8 || ^9 || ^10

D10 Compatibility

Install:

View all releases

XSS Prevention

Primary tabs

Project information

Releases

Maintainers

Issues for XSS Prevention

All issues

Bug report

Statistics

Resources

Development

News items

Our community

Documentation

Drupal code base

Governance of community