What is the http-header “X-XSS-Protection”?

Question

So I\'ve been toying around with HTTP for fun in telnet now (i.e. just typing in telnet google.com 80 and putting in random GETs and POSTs with different header

Answer 1

You can see in this List of useful HTTP headers.

X-XSS-Protection: This header enables the Cross-site scripting (XSS) filter built into most recent web browsers. It's usually enabled by default anyway, so the role of this header is to re-enable the filter for this particular website if it was disabled by the user. This header is supported in IE 8+, and in Chrome (not sure which versions). The anti-XSS filter was added in Chrome 4. Its unknown if that version honored this header.