remove doubled X-XSS-Protection Header

since it gets already set by MISP itself
2025-01-09 12:17:51 +01:00 · 2025-01-09 12:17:51 +01:00 · 3a219de8ad
parent 654ac748f3
commit 3a219de8ad
1 changed files with 0 additions and 1 deletions
--- a/core/files/etc/nginx/includes/misp
+++ b/core/files/etc/nginx/includes/misp
@ -11,7 +11,6 @@ add_header X-Download-Options "noopen" always;
 add_header X-Frame-Options "SAMEORIGIN" always;
 add_header X-Permitted-Cross-Domain-Policies "none" always;
 add_header X-Robots-Tag "none" always;
-add_header X-XSS-Protection "1; mode=block" always;

 # remove X-Powered-By and nginx version, which is an information leak
 fastcgi_hide_header X-Powered-By;