mirror of
https://github.com/deuill/coreos-home-server.git
synced 2024-09-21 05:30:45 +00:00
nginx: Remove deprecated XSS protection block
This commit is contained in:
parent
3f5c0306ed
commit
b5b64eba5b
@ -58,15 +58,6 @@ add_header X-Content-Type-Options nosniff always;
|
|||||||
|
|
||||||
add_header X-Frame-Options $x_frame_options always;
|
add_header X-Frame-Options $x_frame_options always;
|
||||||
|
|
||||||
# Protect website reflected Cross-Site Scripting (XSS) attacks.
|
|
||||||
#
|
|
||||||
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
|
|
||||||
# https://blogs.msdn.microsoft.com/ie/2008/07/02/ie8-security-part-iv-the-xss-filter/
|
|
||||||
# https://blogs.msdn.microsoft.com/ieinternals/2011/01/31/controlling-the-xss-filter/
|
|
||||||
# https://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29
|
|
||||||
|
|
||||||
add_header X-XSS-Protection $x_xss_protection always;
|
|
||||||
|
|
||||||
# Block access to all hidden files and directories except for the
|
# Block access to all hidden files and directories except for the
|
||||||
# visible content from within the `/.well-known/` hidden directory.
|
# visible content from within the `/.well-known/` hidden directory.
|
||||||
#
|
#
|
||||||
|
Loading…
Reference in New Issue
Block a user