@FilterWith(value=XXSSProtection.Filter.class) @Target(value={METHOD,TYPE}) @Retention(value=RUNTIME) @Inherited @Documented public @interface XXSSProtection
Try to prevent Cross-Site-Scripting attacks.
It was originally by Microsoft but Chrome has since adopted it as well.
This isn't anywhere near as thorough as CSP. It's only properly supported on IE9+ and Chrome; no other major browsers support it at this time. Old versions of IE support it in a buggy way.
By default, values from configuration are used. Values set with the annotation parameters override thoses from the configuration, except if set to an empty string.
public abstract String value