paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-11-01 20:44:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

nginx: Remove legacy X-XSS-Protection header.

Browse Source 
Support for this header was removed in Chrome 78, Safari 15.4, and
Edge 17.  It was never supported in Firefox.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
This commit is contained in:
Anders Kaseorg
2022-06-27 15:19:27 -07:00
committed by Tim Abbott
parent 869fe60689
commit ef3510fa6d
2 changed files with 0 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
puppet/zulip/files/nginx/zulip-include-common/headers
View File

@@ -5,4 +5,3 @@ add_header Strict-Transport-Security max-age=15768000 always;
add_header X-Frame-Options DENY always;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";