From 2dfe21245fb7df5aad303160b7edd87ea24f6c6d Mon Sep 17 00:00:00 2001
From: AnsibleGuy <guy@ansibleguy.net>
Date: Fri, 6 Sep 2024 14:33:18 +0200
Subject: [PATCH] remove deprecated X-XSS-Protection header

---
 defaults/main/1_main.yml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/defaults/main/1_main.yml b/defaults/main/1_main.yml
index 94555d3..a345404 100644
--- a/defaults/main/1_main.yml
+++ b/defaults/main/1_main.yml
@@ -59,7 +59,6 @@ defaults_apache:
     'X-Frame-Options': 'SAMEORIGIN'
     'X-Content-Type-Options': 'nosniff'
     'X-Permitted-Cross-Domain-Policies': '"none"'
-    'X-XSS-Protection': '"1; mode=block"'
     'Header always edit Set-Cookie ^(.*)$': '$1;HttpOnly;Secure;SameSite=None'
     # 'Header set Permissions-Policy': '"none"'
     # 'Header set Content-Security-Policy': '"default-src https:; font-src https:; img-src https:; script-src https:; style-src https:;"'