khanh.pndc/nextcloud-docs
1
0
Fork 0
mirror of https://github.com/nextcloud/documentation.git synced 2026-01-03 10:20:02 +07:00
Code Issues Packages Projects Releases Wiki Activity

Disable XSS-Protection Header

Browse Source 
see notes: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection

Signed-off-by: Maru Alka <me@marco-alka.de>
This commit is contained in:
Maru Alka
2022-09-29 12:34:57 +02:00
committed by MichaIng
parent 7dc0c71a83
commit 669ebf6b80
2 changed files with 0 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
admin_manual/installation/nginx-root.conf.sample
View File

@@ -79,7 +79,6 @@ server {
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "noindex, nofollow" always;
add_header X-XSS-Protection "1; mode=block" always;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;

1
admin_manual/installation/nginx-subdir.conf.sample
View File

@@ -111,7 +111,6 @@ server {
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "noindex, nofollow" always;
add_header X-XSS-Protection "1; mode=block" always;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;