User:Apking/Web Security Guidelines: Difference between revisions

grammar
(minor tweaks)
(grammar)
Line 359: Line 359:
= robots.txt =
= robots.txt =


<tt>robots.txt</tt> is a text file placed within the root directory of a site that tells robots (such as indexers employed by search engines) how to behave, by instructing them not to index certain paths on the website. This is particularly useful for reducing load on your website, though disabling the indexing of automatically generated content. It can also be helpful for preventation the pollution of search results, for resources that don't benefit from being searchable.
<tt>robots.txt</tt> is a text file placed within the root directory of a site that tells robots (such as indexers employed by search engines) how to behave, by instructing them not to index certain paths on the website. This is particularly useful for reducing load on your website, though disabling the indexing of automatically generated content. It can also be helpful for preventing the pollution of search results, for resources that don't benefit from being searchable.


Sites may optionally use robots.txt, but should only use it for these purposes. It should not be used as a way to prevent the disclosure of private information or to hide portions of a website. Although this does prevent these sites from appearing in search engines, it does not prevent its discovery from attackers, as <tt>robots.txt</tt> is frequently used for reconnaisance.
Sites may optionally use robots.txt, but should only use it for these purposes. It should not be used as a way to prevent the disclosure of private information or to hide portions of a website. Although this does prevent these sites from appearing in search engines, it does not prevent its discovery from attackers, as <tt>robots.txt</tt> is frequently used for reconnaisance.
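Review bot: The revised first paragraph still reads "though disabling the indexing", which should be "through disabling the indexing"; this revision only fixes "preventation". In the unchanged second paragraph, "reconnaisance" should be spelled "reconnaissance", and "it does not prevent its discovery from attackers" has no singular antecedent after "these sites"; suggest "it does not prevent their discovery by attackers". The first "robots.txt" in that paragraph is also missing the <tt> markup used everywhere else in the section.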
Line 460: Line 460:
= X-XSS-Protection =
= X-XSS-Protection =


<tt>X-XSS-Protection</tt> is an feature of Internet Explorer and Chrome that stops pages from loading when they detect reflected cross-site scripting (XSS) attacks. New sites should use this header, but it is only recommended for existing sites, given the small but possible risk of false positives.
<tt>X-XSS-Protection</tt> is a feature of Internet Explorer and Chrome that stops pages from loading when they detect reflected cross-site scripting (XSS) attacks. New sites should use this header, but it is only recommended for existing sites, given the small but possible risk of false positives.


== Examples ==
== Examples ==
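Review bot: In the revised sentence, "stops pages from loading when they detect" has an ambiguous antecedent, since "they" reads as the pages rather than the browsers; suggest "when the browser detects reflected cross-site scripting (XSS) attacks". The second sentence buries its contrast: "New sites should use this header, but it is only recommended for existing sites" would read more clearly as "New sites should use this header; for existing sites it is only recommended, given the small but possible risk of false positives."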