self-hosted/Mailu
1
0
Fork 0
mirror of https://github.com/Mailu/Mailu.git synced 2025-01-18 03:21:36 +02:00
Code Issues Releases Activity

Update X-XSS-Protection to current recommendation

Browse Source 
See:

- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection and
- https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Headers_Cheat_Sheet.html#x-xss-protection
This commit is contained in:
Giuseppe C 2022-05-08 21:11:01 +02:00 committed by GitHub
parent e86412453a
commit 389438d18b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
core/nginx/conf/nginx.conf
View File

@ -117,7 +117,7 @@ http {
add_header X-Frame-Options 'SAMEORIGIN';
add_header X-Content-Type-Options 'nosniff';
add_header X-Permitted-Cross-Domain-Policies 'none';
add_header X-XSS-Protection '1; mode=block';
add_header X-XSS-Protection '0';
add_header Referrer-Policy 'same-origin';
# mozilla autoconfiguration