mirrors/nextcloud-documentation
3
0
Fork 0
mirror of https://github.com/nextcloud/documentation.git synced 2025-10-26 11:18:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #13445 from nextcloud/fix/nginx-xss-protection-header

Browse Source 
docs(admin): remove X-XSS-Protection header from Nginx assets
This commit is contained in:
rakekniven 2025-08-01 18:35:20 +02:00 committed by GitHub
commit 35caa5542d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
admin_manual/installation/nginx-root.conf.sample
View File

@ -1,4 +1,4 @@
# Version 2024-07-17
# Version 2025-07-23
upstream php-handler {
server 127.0.0.1:9000;
@ -179,7 +179,6 @@ server {
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "noindex, nofollow" always;
add_header X-XSS-Protection "1; mode=block" always;
access_log off; # Optional: Don't log access to assets
}

3
admin_manual/installation/nginx-subdir.conf.sample
View File

@ -1,3 +1,5 @@
# Version 2025-07-23
upstream php-handler {
server 127.0.0.1:9000;
#server unix:/run/php/php8.2-fpm.sock;
@ -176,7 +178,6 @@ server {
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "noindex, nofollow" always;
add_header X-XSS-Protection "1; mode=block" always;
access_log off; # Optional: Don't log access to assets
}