khanh.pndc/nextcloud-docs
1
0
Fork 0
mirror of https://github.com/nextcloud/documentation.git synced 2026-01-02 17:59:36 +07:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #13445 from nextcloud/fix/nginx-xss-protection-header

Browse Source 
docs(admin): remove X-XSS-Protection header from Nginx assets
This commit is contained in:
rakekniven
2025-08-01 18:35:20 +02:00
committed by GitHub
parent e525019b6d 6d820f08fd
commit 35caa5542d
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
admin_manual/installation/nginx-root.conf.sample
View File

@@ -1,4 +1,4 @@
# Version 2024-07-17
# Version 2025-07-23
upstream php-handler {
server 127.0.0.1:9000;
@@ -179,7 +179,6 @@ server {
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "noindex, nofollow" always;
add_header X-XSS-Protection "1; mode=block" always;
access_log off; # Optional: Don't log access to assets
}

3
admin_manual/installation/nginx-subdir.conf.sample
View File

@@ -1,3 +1,5 @@
# Version 2025-07-23
upstream php-handler {
server 127.0.0.1:9000;
#server unix:/run/php/php8.2-fpm.sock;
@@ -176,7 +178,6 @@ server {
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "noindex, nofollow" always;
add_header X-XSS-Protection "1; mode=block" always;
access_log off; # Optional: Don't log access to assets
}