deuill/coreos-home-server
1
0
Fork 0
mirror of https://github.com/deuill/coreos-home-server.git synced 2024-09-21 13:40:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

nginx: Remove deprecated XSS protection block

Browse Source
This commit is contained in:
Alex Palaistras 2023-03-25 14:28:12 +00:00
parent 3f5c0306ed
commit b5b64eba5b
1 changed files with 0 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
service/nginx/container/config/server.conf
View File

@ -58,15 +58,6 @@ add_header X-Content-Type-Options nosniff always;
add_header X-Frame-Options $x_frame_options always; add_header X-Frame-Options $x_frame_options always;
# Protect website reflected Cross-Site Scripting (XSS) attacks.
#
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
# https://blogs.msdn.microsoft.com/ie/2008/07/02/ie8-security-part-iv-the-xss-filter/
# https://blogs.msdn.microsoft.com/ieinternals/2011/01/31/controlling-the-xss-filter/
# https://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29
add_header X-XSS-Protection $x_xss_protection always;
# Block access to all hidden files and directories except for the # Block access to all hidden files and directories except for the
# visible content from within the `/.well-known/` hidden directory. # visible content from within the `/.well-known/` hidden directory.
# #