The XSS Filter in Internet Explorer 8 improperly blocks HTTP response rendered as XML

When you submit an HTTP request using Internet Explorer (IE) 8 to a target page hosted in a web application, the IE XSS Filter may block the response. This occurs even if the request and response are from the same domain. It also occurs even if you attempt to disable the XSS Filter feature by setting the following HTTP response header on the server: 

Microsoft has confirmed that this is a problem in the products listed in the Applies-To section of this article..

To workaround the issue, submit the HTTP request to a page that then performs an HTTP 307 redirect to the target page. 

This problem is resolved in Internet Explorer 9. 

Note This is a "FAST PUBLISH" article created directly from within the Microsoft support organization. The information contained herein is provided as-is in response to emerging issues. As a result of the speed in making it available, the materials may include typographical errors and may be revised at any time without notice. See Terms of Use (http://go.microsoft.com/fwlink/?LinkId=151500) for other considerations.