XML protection checks

The XML Protection checks examine requests for XML-based attacks of all types.


The XML security checks apply only to content that is sent with an HTTP content-type header of text/xml. If the content-type header is missing, or is set to a different value, all XML security checks are bypassed. If you plan to protect XML or Web 2.0 web applications, the webmasters of each web server that hosts those applications must ensure that the proper HTTP content-type header is sent.

XML protection checks

In this article