я очень переживаю за своим сайты, когда узнал о том что есть опасность взлома XSS на CloudFlare
жду ответа от представителей
Hi there,
This is Tom, a Technical Support Engineer here at Cloudflare.
Thanks for sharing this with us. If you think that you’ve found a potential security vulnerability, please share it with us via HackerOne and we’ll get this addressed as fast as possible.
Even though we have some protections in place, it’s difficult to implement strict rulesets without breaking a majority of websites. Therefore, we still recommend to implement XSS protections on your site’s level. As XSS is an issue that could “only” affect website visitors, all server-related security features (for example DDoS protection, WAF, etc.) will remain fully intact and secure.
Hope that helps.
3 Likes
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.