When IE8 was released, they added a new XSS (Cross-Site Scripting) filter which is turned on for all users by default. The purpose of the filter is to detect and mitigate a cross-site scripting (XSS) attack. Cross-site scripting attacks occur when a website, generally malicious, adds JScript to otherwise legitimate requests to another website. You can read more about it at http://msdn.microsoft.com/en-us/library/dd565647%28VS.85%29.aspx.
To prevent triggering the filter, you should avoid putting script into any of the form fields that you submit to avoid this issue with IE8. This includes <script> tags or <script> tags plus other ways of injecting script on to the page. This also includes the <link rel="stylesheet" type="text/css" href="https://server/our.css"> tag, as Microsoft considers it to be a potential XSS attack.
Basically you can't put <script> tags or <link to stylesheet> tags or <style> tags in your code at all, or you'll receive the error.
Hope this helps.
Thanks,
Michelle
Developer Community Manager
09-28-2010 03:18 PM - edited 09-30-2010 01:53 PM