mirrors/nextcloud-documentation
3
0
Fork 0
mirror of https://github.com/nextcloud/documentation.git synced 2025-10-26 11:18:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Disable XSS-Protection Header

Browse Source 
see notes: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection

Signed-off-by: Maru Alka <me@marco-alka.de>
This commit is contained in:
Maru Alka 2022-09-29 12:34:57 +02:00 committed by MichaIng
parent 7dc0c71a83
commit 669ebf6b80
No known key found for this signature in database
GPG Key ID: CE6E5D0C45CE1624
2 changed files with 0 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
admin_manual/installation/nginx-root.conf.sample
View File

@ -79,7 +79,6 @@ server {
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "noindex, nofollow" always;
add_header X-XSS-Protection "1; mode=block" always;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;

1
admin_manual/installation/nginx-subdir.conf.sample
View File

@ -111,7 +111,6 @@ server {
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "noindex, nofollow" always;
add_header X-XSS-Protection "1; mode=block" always;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;