Forum Discussion
Eric_St__John
Jan 22, 2015Employee
Cross site scripting protection is handled with the attack signatures. You can place the policy into blocking mode and then place the attack signatures into alert only mode, or place the entire policy into transparent.
You will have to make sure that whatever URI, filename, and parameters are learned and enforced if you are tightening the policy.