Using inurl: and Cross Site Scripting (XSS) - Why you should stop using IE to source

In the last number of weeks, with hackers decimating massive web-based servers and databases like Sony, Lockheed Martin and Google Mail, Microsoft have taken a hard-line approach to their Web-browsers and entering complex boolean search strings, in particularly those that contain the inurl: modifier. This is because hackers also use the inurl: modifier to hack websites.

What recruiters who use Boolean search-strings to source are continually finding over the last fortnight when using the Internet Explorer browser or the Bing search engine, is a notice that informs the user that “Internet Explorer has modified this page to help prevent cross-site scripting.” This essentially corrupts the search, and in some instances it stops the search altogether. We had a report today that when using IE to search Google, a user’s page was frozen and a popup asking for the user’s location was prompted, which when they didn’t respond, closed their browser.

For the moment, we’re not seeing evidence of XSS warnings happening when using Google Chrome or Firefox. This could be the beginning of the end for Internet Explorer amongst recruiters. Please put in the comments if you have experienced XSS warnings or frozen browsers when using IE, or if you’ve discovered this in Chrome or Firefox either.

Find out why over 400 staffing
firms choose SocialTalent Evolve


Find out how you can increase your revenue and profitability
with Evolve from SocialTalent