disable legacy X-XSS-Protection

Obsolete, unsafe, and superseded by CSP
Wonderfall 2022-02-04 20:56:04 +01:00 committed by hoellen
parent feae76b13a
commit 7611471834


@ -22,7 +22,7 @@ server {
add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always; add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always; add_header X-XSS-Protection "0" always;
location = /robots.txt { location = /robots.txt {
allow all; allow all;